New-Breed Browsers Are Harder to Hack
Chrome, Opus Palladianum, and Gazelle will be more secure, with features borrowed from operating systems
Taking a Page:As browsers are increasingly used for sensitive transactions, a security loophole has widened. New designs borrow from operating system features.
July was a bad month for old-fashioned Web browsers. Troublemakers found ways to infiltrate personal computers by breaking in through Microsoft's Internet Explorer and Mozilla's Firefox.
As security experts issued dire warnings and the companies scrambled to produce software patches, computer scientists at the University of Illinois at Urbana-Champaign quietly put the finishing touches on what many believe is the only solution to a growing number of online security threats: a radically redesigned Web browser.
Samuel King, an assistant professor of computer science who is spearheading the effort, says he and his students plan to release a public version of their new Web browser, Opus Palladianum, or OP, on 1 September. Named after a technique for making mosaics from irregularly shaped material, OP's moniker is a tribute to Mosaic, the original Web browser, also developed on the Urbana-Champaign campus. The development of OP is part of a movement to dramatically improve the security of the Web by making browsers that behave more like operating systems. Microsoft and Google are working along the same lines.
"From a security perspective, browsers are completely broken," King says. The problem with traditional browsers is that the way people use the Web has changed. Instead of just looking up information on static pages coded with HTML, or HyperText Markup Language, people are using the browser to run Web versions of applications that used to reside on a PC, such as e-mail, social networking, and online banking. "I don't think my mother uses anything besides her Web browser," King says.
But browsers weren't built to manage access to applications and sensitive data. And their vulnerability to digital attacks is increasingly attracting everyone from run-of-the-mill mischief makers to sophisticated criminal organizations. Researchers at Sophos, a security company based in Abingdon, England, near Oxford, say they are discovering sabotaged sites every 3.6 seconds, quadruple last year's rate.
King and two of his students began working on OP two years ago with the idea that if they divided a browser into separate subsystems—for instance, the user interface, storage, and networking—they could make it more secure. Communication between the different parts of the program is kept simple and explicit, much as processes are managed in an operating system.
Because the pieces of the browser are carefully kept apart, it becomes much more difficult for bad guys to install software that steals passwords and credit card numbers or sends out spam. It's as if a burglar broke into your home and couldn't get past the front entryway, King says.
Meanwhile, computer scientists at Google and Microsoft are adopting similar ideas. "We were very much aware of the limitations of the [traditional] browser," says Brian Rakowski, a Google product manager.
Like King and his students, Google engineers concluded that they could get greater security and more reliable performance by separating the browser's functions into different processes. They released the Chrome browser in September 2008 as an open-source project for review. The company is also working on a new, stripped-down operating system, the Chrome OS, designed to support Web browsing.
King says Chrome gave him some significant ideas for how to improve OP, and he also borrowed some ideas for displaying content in the browser from Microsoft's Gazelle project, which like OP and Chrome seeks to build a next-generation browser. The inspiration flowed both ways. King consulted on the Gazelle project and also received some funding from Microsoft Research's Internet Services Research Center.