from Hacker News

Ask HN: time for an extra-secure browser?

by mike47 on 2/3/12, 10:52 AM with 2 comments

A report on the BBC website about a new attack on internet banking (http://www.bbc.co.uk/news/technology-16812064) made me wonder if it is time for an enhanced security browser that could be used just for online banking? So for example, it would not run any Javascript, have a very strict same-origin policy, and could perhaps include some kind of built-in anti-virus. Any thoughts?

  • by dsr_ on 2/3/12, 11:59 AM

    Not running JS is, unfortunately, a death sentence. Too many sites legitimately depend on it.

    On the other hand, you could reasonably require a user to turn JS on for each site that needed it.

    On the gripping hand, users would complain, or automatically turn it on for every site, or both.