feinicks Wrote:Sandbox is related to security as in it will follow a user-centric permission-based read-write process. The point being that any tab that is opened is sort of a separate application process, with its inherent security parameters and individual features.
Well, kinda moot for Windows. Can see a slight purpose for Linux, possibly, but can't see a great deal of use, since webpages shouldn't need to access files anyway, so really, you should just stick all the processes under the same limited user account.
feinicks Wrote:Also, individual process would mean that every tab is alloted certain memory. Not the shared memory. This will help maintain browser speed over extended use.
The difference is that the OS manages the memory, rather than the application...
feinicks Wrote:FF (or other tabbed browsers) fragment the memory and each new tab is placed in one fragment. This sharing is fine for sometime, but causes accumulation of old data over a period of time (as explained in the Google comic, as well). But all that one needs to do for that is get rid of non-essential cookies and temp files.
I really don't think fragmentation is Firefox's main issue. Probably just devs forgetting to deallocate used memory. Either case, having processes that die after a while plugs both issues.
feinicks Wrote:2> The second issue, as they have said is that sandbox is vulnerable because of plugins having higher permissions than the browser. Chrome's security is still pretty traditional, in terms of phising and sPa/\/\, although it seems very advanced with Malware. The vulnerability in plugins could potentially break the security of the browser...
Somewhat moot too - if you get some malware/exploited that manages to execute code, then it doesn't really matter how you structure the browser - the system's compromised...
ZiNgA BuRgA Wrote:feinicks Wrote:2> The second issue, as they have said is that sandbox is vulnerable because of plugins having higher permissions than the browser. Chrome's security is still pretty traditional, in terms of phising and sPa/\/\, although it seems very advanced with Malware. The vulnerability in plugins could potentially break the security of the browser...
Somewhat moot too - if you get some malware/exploited that manages to execute code, then it doesn't really matter how you structure the browser - the system's compromised...
You forget that Google has access to one of the biggest databases ever created that when combined with their servers can hit every malware site and blacklist it in under an hour of it's creation..
The great thing in Chrome unlike Firefox is Chrome has it's own built-in process manager. You can see what tabs and what plug-ins are taking the most memory and slowing down the tab you are viewing, then end that processes without affecting the rest of your tabs because of the sandbox.
Kuu Wrote:You forget that Google has access to one of the biggest databases ever created that when combined with their servers can hit every malware site and blacklist it in under an hour of it's creation..
That's a point. I recall Firefox's anti-phishing uses Google's DB though. Either case, it could be made into a plugin where Firefox uses Google's DB... :P
Kuu Wrote:The great thing in Chrome unlike Firefox is Chrome has it's own built-in process manager. You can see what tabs and what plug-ins are taking the most memory and slowing down the tab you are viewing, then end that processes without affecting the rest of your tabs because of the sandbox.
It does? Haven't read it all, but sounds interesting that way. Personally don't think the average user is going to care too much about process priority, but if you're browsing a usually laggy site, I guess you could stick in a rule.
Well, I hope it's an end to those "rickroll" sites XD
ZiNgA BuRgA Wrote:Kuu Wrote:The great thing in Chrome unlike Firefox is Chrome has it's own built-in process manager. You can see what tabs and what plug-ins are taking the most memory and slowing down the tab you are viewing, then end that processes without affecting the rest of your tabs because of the sandbox.
It does? Haven't read it all, but sounds interesting that way. Personally don't think the average user is going to care too much about process priority, but if you're browsing a usually laggy site, I guess you could stick in a rule.
Well, I hope it's an end to those "rickroll" sites XD
Yea.. that is one feature that I'm looking to test real-time. This will display even the plug-in information. Apparently Google is telling that if the browser can't catch the rogue program, the you do it yourself!
after reading through the comic it does sound quite interesting, especially the sandbox and the process manager.
ZiNgA BuRgA Wrote:Personally don't think the average user is going to care too much about process priority, but if you're browsing a usually laggy site, I guess you could stick in a rule.
Well, I hope it's an end to those "rickroll" sites XD
^For that reason exactly!
Now all i need to do is go down to the local computer shop, buy a wifi adapter, hack it for extended range, locate it as close to the front of my house as possible and leech (read: borrow) my neighbours wifi. My dad doesn't trust me with the internet in my room, meaning i have to acquire it through other methods. its a shame there isn't a version for the psp to replace its chocolatety browser...