My New Browser!

15 05 2008

OK, well not quite, I’m going to need an OS X version before I fully switch… but this is REALLY good to see.

Some CS researchers (Chris Grier, Shuo Tang, and Samuel T. King) at the University of Illinois have designed a new browser from the ground up with security in mind. While the new versions of Firefox and IE are beginning to build more security on top of their existing software, they are fundamentally flawed. There is so much tied together with the existing browsers that the trust model is broken.

The number of threats that are at least partially due to how internet browsers are built is getting ridiculous. Whether it is trust issues with plug-ins like Flash and RealPlayer, or domain policy issues that lead to cross-site scripting, these vulnerabilities and exploits are piling up. The mere fact that malware can be downloaded, installed and started simply by opening a web page with a browser is a great indication that the situation is completely out of hand. According to the paper, there were 205 reported security vulnerabilities within the major browsers and an additional 301 security vulnerabilities within various browser plug-ins within the past year. The current browsers, for all intents and purposes, are broken.

The OP web browser partitions itself into subsystems and enforces security policies within a small kernel. This is very much how operating systems are designed, and it means that even if a plug-in is compromised, the browser is not. To quote the abstract:

“To show the utility of our browser architecture, we design and implement three novel security features. First, we develop novel and flexible security policies that allows us to include plugins within our security framework. Our policy removes the burden of security from plugin writers, and gives plugins the flexibility to use innovative network architectures to deliver content while still maintaining the confidentiality and integrity of our browser, even if attackers compromise the plugin. Second, we use formal methods to prove that the address bar displayed within our browser user interface always shows the correct address for the current web page. Third, we design and implement a browser-level information-flow tracking system to enable post-mortem analysis of browser-based attacks. If an attacker is able to compromise our browser, we highlight the subset of total activity that is causally related to the attack, thus allowing users and system administrators to determine easily which web site lead to the compromise and to assess the damage of a successful attack.”
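
To make the third feature concrete, here is a small sketch of backward causal tracing over an audit log of messages between browser subsystems. It is an added example, not code from the OP browser or the paper; the log format, the component names and the sample events are all assumptions constructed for illustration.

```python
from collections import namedtuple

# One audited message between subsystems (hypothetical record format).
Event = namedtuple("Event", "seq src dst note")

# Constructed sample log: two page instances, a plugin, network and storage.
LOG = [
    Event(1, "ui", "page:news.example", "user opens news.example"),
    Event(2, "page:news.example", "network", "fetch article"),
    Event(3, "ui", "page:ads.example", "user opens ads.example"),
    Event(4, "page:ads.example", "plugin:7", "load embedded media"),
    Event(5, "network", "page:news.example", "article body"),
    Event(6, "plugin:7", "storage", "write download.bin"),
    Event(7, "page:news.example", "storage", "write cookie"),
]

def causal_slice(log, bad_seq):
    """Return the events that could have influenced event bad_seq, oldest first."""
    bad = next(e for e in log if e.seq == bad_seq)
    # component -> latest time at which its state matters to the bad event
    need = {bad.src: bad.seq}
    kept = [bad]
    # Walk backwards in time: a message matters only if it reached a
    # component before that component went on to influence the bad event.
    for e in sorted(log, key=lambda e: e.seq, reverse=True):
        if e.seq >= bad.seq:
            continue
        if e.seq < need.get(e.dst, 0):
            kept.append(e)
            need[e.src] = max(need.get(e.src, 0), e.seq)
    return sorted(kept, key=lambda e: e.seq)

def implicated_sites(events):
    """Sites whose page instances appear in the causal slice."""
    parts = (c for e in events for c in (e.src, e.dst))
    return sorted({c.split(":", 1)[1] for c in parts if c.startswith("page:")})

if __name__ == "__main__":
    # Treat the plugin's write (event 6) as the detected compromise.
    for e in causal_slice(LOG, 6):
        print(e.seq, e.src, "->", e.dst, ":", e.note)
    print("implicated:", implicated_sites(causal_slice(LOG, 6)))
```

Unrelated activity (the news.example page load and its cookie write) drops out of the slice, which is the "subset of total activity" the abstract refers to.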

The OP browser currently runs on Linux with KHTML as the layout engine. They plan to create a cross-platform WebKit version and release it to the open-source community. Perhaps Mozilla could help out with this project 😉

Go read the paper and let me know what you think.