Microsoft Gazelle | What does this mean for the future of Microsoft?
Microsoft researchers are working on a new browser called Gazelle, which they promise will have some impressive new features and capabilities. Gazelle relies on a “browser kernel” (5,000 lines of C# code) that helps enforce security rules to prevent malicious access to the PC’s underlying operating system.
Gazelle is different from some other browsers in that it considers each part of a Web site — such as iframes, subframes, and plug-ins — as separate elements. Some of those elements can pull in malicious content from other Web sites. Google’s Chrome runs a Web page and its elements in a single process.
Another interesting feature of Gazelle is aimed at blocking so-called race condition attacks. In that scenario, an attacker creates a Web page aimed at making a user click on an area of the page. But just before the predicted click happens, an overlay is drawn into the page, which could cause a user to be attacked. Gazelle will ignore any clicks in newly exposed screen areas for about one second until a user can see the new screen areas.
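The click-delay rule described above can be sketched as a small filter. This is an added illustration, not Gazelle's code: the names `ClickGuard`, `expose` and `shouldDeliver` are hypothetical, the one-second window comes from the article, and the timeline in `demo` is constructed.

```javascript
// Added illustration (not Gazelle's implementation): suppress clicks that
// land on a screen region the user has had less than ~1 second to see.
// ClickGuard, expose, shouldDeliver and GUARD_MS are hypothetical names.
const GUARD_MS = 1000; // "about one second", per the article

class ClickGuard {
  constructor(guardMs = GUARD_MS) {
    this.guardMs = guardMs;
    this.exposures = []; // rectangles that recently became visible
  }

  // Record that rect {x, y, w, h} became visible at time `now` (ms).
  expose(rect, now) {
    this.prune(now);
    this.exposures.push({ ...rect, at: now });
  }

  // Forget rectangles that have been visible for the full guard window.
  prune(now) {
    this.exposures = this.exposures.filter((e) => now - e.at < this.guardMs);
  }

  // True if a click at (x, y) at time `now` may be delivered to the page.
  shouldDeliver(x, y, now) {
    this.prune(now);
    return !this.exposures.some(
      (e) => x >= e.x && x < e.x + e.w && y >= e.y && y < e.y + e.h
    );
  }
}

// Constructed timeline: the page is drawn at t=0, and an overlay appears
// over a button at t=5000, just before the user's click arrives.
function demo() {
  const guard = new ClickGuard();
  guard.expose({ x: 0, y: 0, w: 800, h: 600 }, 0);
  guard.expose({ x: 100, y: 100, w: 200, h: 50 }, 5000);
  return {
    onOverlaySoon: guard.shouldDeliver(150, 120, 5050),
    outsideOverlay: guard.shouldDeliver(500, 400, 5050),
    onOverlayLater: guard.shouldDeliver(150, 120, 6100),
  };
}
```

Time is passed in explicitly so the behaviour is deterministic; only the click that hits the overlay 50 ms after it appeared is dropped.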
The idea behind Gazelle is to create a browser that is more secure for the dynamic pages now typical on the Web. According to Microsoft, Gazelle differs from existing browsers, including those with new architectures, because none of them has a multi-principal OS construction that gives a browser-based OS exclusive control to manage the protection of all system resources.
"Gazelle's security model is centered around protecting principals from one another by separating their respective resources into hardware-isolated protection domains. Any sharing between two different principals must be explicit using cross-principal communication (or IPC) mediated by Browser Kernel."
The research team claims it has successfully browsed 19 of the 20 most popular sites as reported by Alexa with its prototype, but admits the performance of the prototype was only "acceptable." The paper also includes an in-depth comparison of Gazelle's architecture and security with Google Chrome, OP and IE8.