Comment by mrob
5 days ago
I disagree. The more browser engines in use the less damage any one security exploit can do. This matters even with memory safe languages, because logic errors can be just as damaging, e.g. the Log4j exploit.
5 days ago
I disagree. The more browser engines in use the less damage any one security exploit can do. This matters even with memory safe languages, because logic errors can be just as damaging, e.g. the Log4j exploit.
Bugs are proportional to lines of code. More browser implementations with result in many more bugs. All the effort of reimplementing multiple times would be better put towards security a single browser engine if security is what you are trying to go after. Also you don't need a single exploit due to defense in depth of browser engines. You have to chain multiple exploits together.