Comments on: Phishing attack uses pop-up message on bank sites http://itknowledgeexchange.techtarget.com/security-bytes/phishing-attack-uses-pop-up-message-on-bank-sites/ A SearchSecurity.com blog Tue, 24 Nov 2009 14:33:26 +0000 http://wordpress.org/?v=2.6.2 By: Eirik Iverson http://itknowledgeexchange.techtarget.com/security-bytes/phishing-attack-uses-pop-up-message-on-bank-sites/#comment-584 Eirik Iverson Tue, 13 Jan 2009 18:52:08 +0000 http://security.blogs.techtarget.com/2009/01/13/phishing-attack-uses-pop-up-message-on-bank-sites/#comment-584 The security within web browsers is awful. There is little to no compartmentalization within the browser, keeping stuff that came from one web server separate from stuff from another. A javascript from an advertisement should be unable to access 'stuff' from another web server serving content to another browser tab, for example. I recommend that people use two or more web browsers. One does sensitive stuff, the other everything else. More on that here: http://www.securitynowblog.com/endpoint_security/dual-web-browsers-can-avoid-information-disclosures The security within web browsers is awful. There is little to no compartmentalization within the browser, keeping stuff that came from one web server separate from stuff from another. A javascript from an advertisement should be unable to access ’stuff’ from another web server serving content to another browser tab, for example.

I recommend that people use two or more web browsers. One does sensitive stuff, the other everything else. More on that here:
 <a href="http://www.securitynowblog.com/endpoint_security/dual-web-browsers-can-avoid-information-disclosures" title="http://www.securitynowblog.com/endpoint_security/dual-web-browsers-can-avoid-information-disclosures" target="_blank">http://www.securitynowblog.com/endpoint_…</a>

]]>