Sebastian G. wrote:
> kurt wismer wrote:
>> Sebastian G. wrote:
>>> kurt wismer wrote:
>>>
>>>> and the absurdity continues... apparently internet exploder (what
>>>> most people use to browse the web with) doesn't exist in your world,
>>>
>>> It does, but it isn't a webbrowser and therefore counts as PEBKAC.
>>> It's futile to discuss it in any security content since it's well
>>> documented to not be supposed to provide security in a hostile
>>> environment.
>>
>> i see...
>>
>> well, all i can say is that those things you disagree with regarding
>> drive-by downloading apply to the world where IE *is* a web browser -
>
> Will you please shut up and read the documentation and/or look at the
> implementation?

my aren't you pleasant...

> The security model is to provide confluent protection in
> a secure environment, but not in a hostile environment. And surely it
> doesn't even get SGML comment pasing right, how should it ever get HTML
> right?

you make an excellent argument for why it's a *bad* browser, but not for
why it isn't a browser at all...

in the world most people operate in IE is a browser... i can appreciate
trying to redefine things in order to promote a paradigm shift in the
way people think about security - unfortunately it sucks for everyday
practical matters when that paradigm shift hasn't happened yet, and that
paradigm shift isn't likely to come as your behaviour doesn't encourage
people to buy into the alternative view you're proposing...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"