- From: Michaela Merz <michaela.merz@hermetos.com>
- Date: Thu, 19 Feb 2015 14:55:09 -0600
- To: noloader@gmail.com, Bjoern Hoehrmann <derhoermi@gmx.net>
- CC: public-webapps WG <public-webapps@w3.org>
I am not sure about that. Based on the premise that the browser itself doesn't leak data, I think it is possible to make a web site safe. In order to achieve that, we to make sure, that a) the (script) code doesn't misbehave (=CSP); b) the integrity of the (script) code is secured on the server and while in transit; I believe both of those imperative necessities are achievable. Michaela On 02/19/2015 01:43 PM, Jeffrey Walton wrote: > On Thu, Feb 19, 2015 at 1:44 PM, Bjoern Hoehrmann <derhoermi@gmx.net> wrote: >> * Jeffrey Walton wrote: >>> Here's yet another failure that Public Key Pinning should have >>> stopped, but the browser's rendition of HPKP could not stop because of >>> the broken security model: >>> http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/. >> In this story the legitimate user with full administrative access to the >> systems is Lenovo. I do not really see how actual user agents could have >> "stopped" anything here. Timbled agents that act on behalf of someone >> other than the user might have denied users their right to modify their >> system as Lenovo did here, but that is clearly out of scope of browsers. >> -- > Like I said, the security model is broken and browser based apps can > only handle low value data. > > Jeff >
Received on Thursday, 19 February 2015 20:55:36 UTC