Saturday, October 30, 2004
Good news about Internet Explorer
Microsoft apparently put their resources to work on some useful testing and debugging.
Security researcher Michal Zalewski put together an automated test that bombards a web browser with nonsense input to see if it crashes. That gives you an idea of how good the browser's tactical programming is, and the results are even relevant to security. If bad input can derail a program, then malicious input may be able to hijack it.
He tried this test on several popular browsers and made an interesting discovery. Microsoft Internet Explorer held up best. It would keep running, maybe throwing up an error message, while the alternative browsers crashed.
My guess, as a programmer, is that Microsoft must have built a testing tool like Zalewski's and then paid attention to the results.
So am I changing my advice to switch away from Internet Explorer? Stay tuned.
|
Security researcher Michal Zalewski put together an automated test that bombards a web browser with nonsense input to see if it crashes. That gives you an idea of how good the browser's tactical programming is, and the results are even relevant to security. If bad input can derail a program, then malicious input may be able to hijack it.
He tried this test on several popular browsers and made an interesting discovery. Microsoft Internet Explorer held up best. It would keep running, maybe throwing up an error message, while the alternative browsers crashed.
My guess, as a programmer, is that Microsoft must have built a testing tool like Zalewski's and then paid attention to the results.
So am I changing my advice to switch away from Internet Explorer? Stay tuned.
# posted by Frederick @ 7:51 PM Email to a friend:
Haloscan: they provide trackback