- From: Mike Beltzner <beltzner@mozilla.com>
- Date: Mon, 30 Jul 2007 14:55:45 -0400
- To: Thomas Roessler <tlr@w3.org>
- Cc: michael.mccormick@wellsfargo.com, public-wsc-wg@w3.org
Mark Finkle, a Mozilla Technology Evangelist, has produced a set of binaries called "WebRunner" which is meant to make it easier to produce a HTML client that talks to a single web-application. He hasn't done any work vis-a-vis locking it down from a security perspective, but we could talk to him about adding that to his working list of requirements. I think there's some value into looking at organizations creating and distributing website specific apps, and it fits into a model of "web- backed widgetry" which is popular on mobile devices. cheers, mike On 30-Jul-07, at 1:57 PM, Thomas Roessler wrote: > > (Cutting the CC list down) > > On 2007-07-30 11:16:15 -0500, michael.mccormick@wellsfargo.com wrote: > >> There are emerging vendors who offer a hardened web browser that >> only allows the user to access certain pre-vetted web sites. The >> one I saw demo'd today is based on the Mozilla code base. The UI >> looks like a stripped-down Firefox. While it's running all other >> Windows programs (inc. any key loggers or other malware) are more >> or less suspended. Only SSL communication is allowed. The >> browser also uses a private DNS server to avoid DNS poisoning and >> a signed URL list to avoid bookmark poisoning. > > I wonder how scalable this actually is, and how much it'll be used. > I've seen similar approaches demonstrated where the banking platform > was launched from a read-only Linux distribution (on CD), to defend > against any possible malware infestation. > > Regards, > -- > Thomas Roessler, W3C <tlr@w3.org> >
Received on Monday, 30 July 2007 18:59:50 UTC