On Saturday 14 May 2005 13:03, Anthony G. Atkielski wrote: > Jaqui Greenlees writes: > > any extention to a browser should by default be marked as insecure. > > or the developers of the browser could be held liable for damages for > > not marking it as such. > > ( flash included ) > > I agree. And they should also be held responsible for any mistakes they > make that breach security. This includes buffer overflows, for which > there is no excuse.
It's very difficult to tell other people what to do. About the best you can do is set an API and close down anything that doesn't conform to it. And, as it is the host that is vulnerable, the host is also responsible; if MF wanted to avoid buffer overflows, it could have written the code to be invulnerable to them (using java, or insisting that all plugins be written in java for example, or inventing your own "java", or putting each plugin in a separate process, or ...) > > if this attitude is adopted, then it makes end user accept > > responsability for breaking security. > > Yes, but most software tends to drift away from this ideal, and Firefox > no doubt will do that, too. People want bells and whistles, not > security. At the end of the day, what wins is that combination of things that delivers the best results. There is no absolute in security, people will aways trade some security for some benefit. By way of example, you recently posted that you had relationships with financial institutions. That's a trade-off. Everyone makes these trade-offs. The best we can do is say "there are trade-offs. Here they are... Be careful. No guarantees." Or somesuch - I'm having trouble writing that and not finding loopholes myself. iang -- http://iang.org/ _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
