On Sun, Jan 22, 2012 at 09:47:52PM -0800, John Doe wrote:
> Excuse my good old-fashioned American turkeyness of last year, but if it's not
> secure by default, it does indeed belong on the website. Why can't we set
> machdep.allowaperture=1 for n00bs whose first priority is to use X Windows

Commenting halfway across your sentence: security and usability conflict here. Most people don't want it set to 1 because the VGA framebuffer does not offer many goodies regarding screen usage.

> without getting hacked in the kernel from all those stray pointers escaping
> from Firefox? Sure, ASLR helps,

In fact, ASLR can hardly be called a defense in JITs (javascript is a JITted language: Just In Time compiled). Most JITs either manage their own memory, completely bypassing any ASLR in the OS, or depend on certain "features" of ASLR. Also, the current implementation of ASLR is not very effective on large memory hogs like browsers.

> but I want a basic browser capable of running Javascript
> securely in a thread-safe jail

JITs are in their infant stage and still catching up to the latest decades of security insights.

> without crashing on double frees,

That would scare me actually. A double free means that: either the software kept using the memory after the first free, likely corrupting another part of the program, and it may have used incorrect data for that time (since another part of the program may have written its own data there). For example, it may have published your passwords in some forum, if the memory was used for password storage and a form post buffer at the same time.

> running out of memory,

Unfortunately, no resource is unlimited.

> and selling more cookies than the Girl Scouts, that somehow manages to
> maintain more hidden access logs than a Swiss bank on MY personal computer,
> regardless of the privacy settings I choose.

In this case, you probably want to switch browsers altogether.

> Is surf a better browser, or are there other suggestions?

I don't know surf. Someone mentioned xxxterm. I highly recommend it. It's also based on webkit, which uses a JIT for its javascript, so the above still applies to both browsers.

> Surely OpenBSD would not be accused of antitrust for integrating a browser
> into the operating system,

We hardly classify as a monopoly. :)

> or at least coming up with or pointing users toward a decent port if there
> is one.
> Maybe it's just wishful thinking, but what I'm getting at is that I
> want/need a secure standards-compliant graphical client for web access.

xxxterm is very fast and minimalistic (less complexity, thus less chance for bugs). There's midori, which is a bit larger. Then there's chrome. If you're using i386, you can also decide to run opera, using the linux emulation layer. All these can be found in the ports collection.

KDE also had a browser (konqueror). I don't know if KDE4 still provides it. Konqueror, as shipped in KDE3, is pretty dated and will probably not handle many sites, so won't display facebook or twitter (which may be considered a feature).

But if you're really conscious about security, you won't use any graphical browser. They're huge, complex beasts and the recent cool-aid of getting them to run faster has been detrimental to any left-over safety (not to mention portability). Using any browser is like locking the front door to your house after putting the furniture on your lawn. :(

--
Ariane
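
The double-free point in the reply above, as an added example that is not part of the original message: a toy fixed-size pool allocator (every name here is constructed for illustration, not any real malloc) in which freeing a chunk twice hands the same memory to both a password buffer and a form-post buffer, next to a checked free that rejects the second call.

```c
#include <stdio.h>
#include <string.h>

#define NCHUNK 4
#define CHUNK  32

/* Toy pool allocator with a LIFO free list (constructed; not a real malloc). */
static char pool[NCHUNK][CHUNK];
static int  free_list[NCHUNK + 1];   /* spare slot so a duplicate entry fits */
static int  nfree, in_use[NCHUNK];

static int idx(char *p) { return (int)((char (*)[CHUNK])p - pool); }

void pool_init(void) {
    nfree = 0;
    for (int i = NCHUNK - 1; i >= 0; i--) { free_list[nfree++] = i; in_use[i] = 0; }
}

char *pool_alloc(void) {
    if (nfree == 0) return NULL;
    int i = free_list[--nfree];
    in_use[i] = 1;
    return pool[i];
}

/* Unchecked free: pushes the chunk even when it is already on the free list. */
void pool_free_unchecked(char *p) { in_use[idx(p)] = 0; free_list[nfree++] = idx(p); }

/* Checked free: returns -1 and changes nothing if the chunk is not allocated. */
int pool_free_checked(char *p) {
    if (!in_use[idx(p)]) return -1;
    pool_free_unchecked(p);
    return 0;
}

/* Free one chunk twice, then allocate two buffers.
 * Returns 1 if the form buffer aliases the password buffer. */
int demo_aliasing(int checked) {
    pool_init();
    char *tmp = pool_alloc();
    for (int n = 0; n < 2; n++) {
        if (checked) pool_free_checked(tmp); else pool_free_unchecked(tmp);
    }
    char *password = pool_alloc();
    char *form = pool_alloc();          /* meant to hold outgoing form data */
    strcpy(password, "hunter2");        /* constructed sample secret */
    return form == password && strcmp(form, "hunter2") == 0;
}

int main(void) {
    printf("unchecked free: aliased=%d\n", demo_aliasing(0));
    printf("checked free:   aliased=%d\n", demo_aliasing(1));
    return 0;
}
```

With the unchecked free the two later allocations return the same chunk, so the secret is readable through the form buffer; with the checked free they get distinct chunks.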