Reducing browser privileges

Security companies and researchers have made careers out of identifying the latest bugs in Internet Explorer. While Microsoft has been relatively idle, the developers of Firefox have continued to add functionality and provide what was perceived to be more secure code. The story doesn't end there, though. The past six months have seen major vulnerabilities in Firefox too, and its adoption has slowed. Some people are beginning to question the wisdom in switching to another browser that is possibly just as insecure as IE.

Meanwhile a simple yet little-known approach exists for users to avoid many of these vulnerabilities in any web browser. It is a novel tool called "Drop My Rights," created by Microsoft's Michael Howard. While it was released last year and is very simple to use, it has not gained popularity despite all the vulnerabilities found in IE, Firefox, and various email applications. Therefore it's important to understand why such a tool is needed before looking at the tool itself. We'll test it in a virtual machine environment against various websites known to install spyware or viruses and look at the results. Reducing browser privileges

Linked by shanmuga Tuesday, 4th October 2005 10:17PM