Re: Web browsers need a built-in firewall....
With one rule - NO JAVASCRIPT
Every browser security bug that I can remember depends on the ability to make the browser execute code (ActiveX, Flash, Javascript etc). If a browser was only a browser (HTML only - no Javascript or other means of executing code) then the whole browser security mess would disappear.
(What legitimate activities require scripting in the browser instead of in the server ?)
It is possible to use The Register with scripting disabled - why can that not become the norm for all sites?
Icon for the poor security in Javascript. =====================>