A secure browser must include the following traits as a minimum:
* It was coded using Security Development Lifecycle (SDL) techniques.
* It has undergone code review and fuzzing.
* It logically separates network and local security domains.
* It prevents easy malicious remote control.
* It prevents malicious redirection.
* It has secure defaults.
* It allows the user to confirm any file download or execution.
* It prevents URL obscurity.
* It contains anti-buffer overflow features.
* It supports common secure protocols (SSL,TLS, etc.) and ciphers (3DES, AES, RSA, etc.).
* It patches and updates itself automatically (with the user's consent).
* It has a pop-up blocker.
* It utilizes an anti-phishing filter.
* It prevents Web site cookie misuse.
* It prevents easy URL spoofing.
* It provides security zones/domains to segregate trust and functionality.
* It protects the user's Web site logon credentials during storage and use.
* It allows browser add-ons to be easily enabled and disabled.
* It prevents mischievous window use.
* It provides privacy controls.
* It has been battle tested by hackers over a sufficient period of time.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
