Google has publicly released a Browser Security Handbook on Google Code. The handbook "is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers".
The Browser Security Handbook is divided into three parts and a download that contains dozens of examples. The three parts are "Basic concepts behind web browsers", "Standard browser security features" and "Experimental and legacy security mechanisms".
"The document currently covers several hundred security-relevant characteristics of Microsoft Internet Explorer (versions 6 and 7), Mozilla Firefox (versions 2 and 3), Apple Safari, Opera, Google Chrome, and Android embedded browser".
Note: The security handbook as been updated in December 2008 the last time. While still useful especially when it comes to general concepts discussed, it is not taking into accounts recent developments.
In basic concepts, the documents explains the following concepts:
Please note that the handbook has been written for users interested in security, or are employed as security analysts. It is not a lite read, and inexperienced users may find that even the basic concept part of the book is a tough nut to crack.
The second part, Browser Security features, looks at the web browser, and security features that it offers or uses. The main topics examined in this chapter are:
The third and final chapter of the book looks at experimental and legacy security mechanism:
Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
I’m glad that more people will start getting informed about Internet Security. It’s true that a large percentage of internet fraud and hacking attempts would be averted if users were simply more informed.