> To secure browser which is very fragile, the approach of HTTPS Only 3.1 is > exceptionally simple:
Please help make widespread browsers "Simple" firefox now takes > 200M mem without any tabs open and chrome is > 70M to download. Xombrero uses 30-45 M of mem > 1. Only HTTPS URLs(no other protocols) > 2. Whitelist of domains(anything outside of whitelist is blocked) > > Now, let's look at threats: > 1. Man in the middle - it's fixed. > 2. Phishing always requires the browser to load attacker's website, so it's > permanently dead here. > 3. Drive-by Download - dead(if applied strictly, unable to download the > executable) > 4. Clickjacking - dead(attacker's web page is unreachable) > 5. Address Spoofing - dead too(just unable to load the fake content) > 6. XSS - almost dead(for attacker, the XSS vulnerability has to be GET, > because POST requires attacker's HTML) > 7. CSRF - almost dead(for attacker, the CSRF vulnerability has to be GET, and > modern web applications simply don't do > important things in GET, because it can be bookmarked etc, too dangerous) > So you want to avoid attacks caused by people who don't know what they are doing with making DDOS more effective and the most widespread attack that affects everyone?? > URLs: > Project Home Page: https://www.httpsonly.net/View Source Code: > https://www.httpsonly.net/source/ > Kind Regards, > > I'm not the owner of this software, just wanted to share the idea. Have a > nice day! I assume you are a Troll. Please don't be a Troll, Thankyou. -- KISSIS - Keep It Simple So It's Securable
