- From: James A. Donald <jamesd@echeque.com>
- Date: Tue, 13 Jun 2006 10:09:14 +1000
- To: public-usable-authentication@w3.org

Frederick Hirsch wrote:
> I have a general question about secure chrome, which I
> think reiterates what George said.
>
> What is to prevent an attack on secure chrome by
> simply replacing the entire browser implementation, so
> that the secure chrome isn't effective since the
> underlying code is modified? Is the intent to remove
> insecure functionality so that this attack would not
> work undetected?
>
> (in this case open source seems to enable a
> modification/replacement attack on the entire browser
> implementation itself)

The best we can do is ensure that only installed
programs can commit fraud against a reasonably competent
and vigilant user, which at present we are not doing.
Right now web pages can commit fraud against a competent
and vigilant user.

With trusted computing, we can do better than that, but
that is not a reason to deploy trusted computing until
we do the best we can with what we already have.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
k+IHXg2ILW7fi6B8oNMBEGVyvcTVySWCy+jnhcSf
4iHwsVpS2Wz7/UYldV4dAsd9Xsw82AhF6IttAd06o
Received on Tuesday, 13 June 2006 15:04:22 UTC