Our website would like to use cookies to store information on your computer. You may delete and block all cookies from this site, but parts of the site will not work as a result. Find out more about how we use cookies.
Novacaster Community Logo

Login or Register

Welcome!»
Latest Contributions»
Community Areas»
Blogging Areas»
Group Areas»
Business Areas»
Technical Areas»
 
Unknown Masterpiece»

Keyword Search:

Advanced Search
Powered by
Powered by Novacaster
 
IE and standards
by Simon at 13:11 05/07/04 (Blogs::Simon)
This is why I say IE doesn't follow standards.

Regarding IE and security - the problem is that IE doesn't sandbox untrusted executables and, since the MHTML engine is a core underpinning of the OS running with admin privs, a cross-domain vulnerability means that your Windows box ends up being ownable.

In contast, other browsers typically run as unprivileged users and specifically sandbox scripts/in-page executables etc, so the chances of a catastrophic result of any particular vulnerability are much reduced.

MS's default security model is too open, and even if users have the tools to close the obvious holes (via preferences etc) then the typical user won't employ them.
--
simon

<< Roslyn Chapel gets an RSS news... Oi - that's *my* theory! >>
View Comments (Flat Mode) Printer Version
Thoughts on a possible public ... Simon - 2/07
    Re: Thoughts on a possible pub... Hugo van der Sanden - 4/07
    Re: Thoughts on a possible pub... Nic Jackson - 5/07
       IE and standards Simon - 5/07
          Re: IE and standards Nic Jackson - 5/07
             Re: IE and standards Simon - 5/07
    Re: Thoughts on a possible pub... Simon - 26/07
       Re: Thoughts on a possible pub... David Crowson - 27/07
       Re: Thoughts on a possible pub... Gordon Hundley - 27/07