Asi es.... Google ha publicado un Manual de Seguridad del navegador accesible para todo el publico con la esperanza de ayudar a hacer la Web un lugar más seguro.
El manual consta de unas 60 páginas donde podemos encontrar amplio conjunto de características de seguridad y características de uso común en los navegadores, junto con útiles comentarios y sugerencias para los desarrolladores de aplicaciones que necesitan confiar en estos mecanismos, así como equipos de trabajo de ingeniería sobre el futuro del navegador del lado del incremento de la seguridad. http://vulnerabilityteam.wordpress.com/2008/12/11/google-publica-un-manual-de-seguridad-para-navegadores-browsers/ -----Mensaje original----- De: Michal Zalewski [mailto:[EMAIL PROTECTED] Enviado el: jueves, 11 de diciembre de 2008 0:05 Para: [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk Asunto: Browser Security Handbook Hi all, I am happy to announce the availability of our "Browser Security Handbook" - a comprehensive, 60-page document meant to provide web application developers and information security researchers with a one-stop reference to several hundred key security properties and sometimes counterintuitive quirks in contemporary web browsers: http://code.google.com/p/browsersec/wiki/Main Having a clear picture of these characteristics appears to be of significance to building secure web applications, and to auditing existing designs for potential weaknesses. For this reason, I am hoping that the document is a valuable contribution to the information security community. BSH currently covers recent releases of Microsoft Internet Explorer (versions 6 and 7), Mozilla Firefox (versions 2 and 3), Apple Safari, Opera, Google Chrome, Android embedded browser, and a handful of browser plugins. Please note that due to the sheer number of characteristics covered, I fully expect some kinks to show up here and there; feedback from vendors and security researchers is greatly appreciated. Cheers, /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/