[37062] in bugtraq
RE: Update: Web browsers - a mini-farce (MSIE gives in)
daemon@ATHENA.MIT.EDU (David Brodbeck)
Mon Oct 25 19:24:14 2004
Message-ID: <C823AC1DB499D511BB7C00B0D0F0574CC40B8F@serverdell2200.interclean.com>
From: David Brodbeck <DavidB@mail.interclean.com>
To: bugtraq@securityfocus.com, "'lcamtuf@ghettot.org'" <lcamtuf@ghettot.org>
Date: Mon, 25 Oct 2004 09:03:20 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
> -----Original Message-----
> From: Michal Zalewski [mailto:lcamtuf@ghettot.org]
> ******************************************************************
> * This means that VIRTUALLY EVERY BROWSER IN USE TODAY is unable *
> * to securely render HTML. Keeping in mind that not only web *
> * browsing, but also integrated e-mail is at risk, it is a grim *
> * thought. *
> ******************************************************************
This has been a basic pet peeve of mine for years -- even before web
browsers came on the scene. How many times have you seen a word processor
crash due to an unfortunate sequence of commands or opening a corrupted
file, for example? I think that kind of behavior is just unacceptable.
Software should be able to deal with any input that's thrown at it.
