practice

Doi: 10.1145/1506409.1506422

Article development led by queue.acm.org

What can be done to make Web browsers secure while preserving their usability?

BY thomaS WaDLo W anD VLaD GoReLiK

Security

in the

Browser

depleted uranium sphere at the bottom
of the ocean.” That’s the oft-quoted description of
what it takes to make a computer reasonably secure.
obviously, in the Internet age or any other, such a
machine would be fairly useless as well.

“sealed In a

We live in interesting times. That computer on your desktop embodies the contradiction that faces a security engineer in the 21st century. It must be kept safe; and a lot of time, effort, and money is spent attempting to do exactly that. firewalls are built to separate that machine from the Internet. Security audits tell us what programs must be deleted and what permissions changed so that the machine cannot be compromised. Virus checkers test all new software loaded on the machine for malicious content.

illustration by Jonathan barKat