Talk:Man-in-the-browser

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computer Security / Computing  (Rated C-class, Mid-importance)
WikiProject icon This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 Mid  This article has been rated as Mid-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing.
 
WikiProject Computing (Rated C-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
 

I think the article needs more detail on countermeasures, particularly secure browsers and ways that all existing browsers can be made more secure, since this is essential if internet commerce is to continue.

For example the code required to execute the secure transaction could be installed as root and the browser run under user privileges only, so that installed extensions cannot alter the root-level code. The secure portion of the code could then verify that extensions don't have root access. Without some partitioning between secure and insecure code a solution does not seem feasible. — Preceding unsigned comment added by Danwoodard (talkcontribs) 14:14, 8 October 2012 (UTC)