← Back to context Comment by hu3 15 hours ago There's much more to a browser than JS engine.They picked to most open-source one. 4 comments hu3 Reply SahAssar 14 hours ago WebKit is not open source?Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts. Normal_gaussian 14 hours ago In many cases, the difference between a bug and an attack vector lies in the closed source areas.This is going to be the case automating attack detection against most programs where a portion is obscured. rs_rs_rs_rs_rs 13 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari. dwaite 13 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
SahAssar 14 hours ago WebKit is not open source?Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts. Normal_gaussian 14 hours ago In many cases, the difference between a bug and an attack vector lies in the closed source areas.This is going to be the case automating attack detection against most programs where a portion is obscured. rs_rs_rs_rs_rs 13 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari. dwaite 13 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
Normal_gaussian 14 hours ago In many cases, the difference between a bug and an attack vector lies in the closed source areas.This is going to be the case automating attack detection against most programs where a portion is obscured. rs_rs_rs_rs_rs 13 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari. dwaite 13 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
rs_rs_rs_rs_rs 13 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari.
dwaite 13 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
WebKit is not open source?
Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts.
In many cases, the difference between a bug and an attack vector lies in the closed source areas.
This is going to be the case automating attack detection against most programs where a portion is obscured.
>In many cases, the difference between a bug and an attack vector lies in the closed source areas.
You say many cases, let's see some examples in Safari.
However, Firefox also needs to use the closed source OS when running on Windows or macOS.
There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.
My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.