← Back to context Comment by hu3 17 hours ago There's much more to a browser than JS engine.They picked to most open-source one. 4 comments hu3 Reply SahAssar 16 hours ago WebKit is not open source?Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts. Normal_gaussian 16 hours ago In many cases, the difference between a bug and an attack vector lies in the closed source areas.This is going to be the case automating attack detection against most programs where a portion is obscured. rs_rs_rs_rs_rs 15 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari. dwaite 15 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
SahAssar 16 hours ago WebKit is not open source?Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts. Normal_gaussian 16 hours ago In many cases, the difference between a bug and an attack vector lies in the closed source areas.This is going to be the case automating attack detection against most programs where a portion is obscured. rs_rs_rs_rs_rs 15 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari. dwaite 15 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
Normal_gaussian 16 hours ago In many cases, the difference between a bug and an attack vector lies in the closed source areas.This is going to be the case automating attack detection against most programs where a portion is obscured. rs_rs_rs_rs_rs 15 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari. dwaite 15 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
rs_rs_rs_rs_rs 15 hours ago >In many cases, the difference between a bug and an attack vector lies in the closed source areas.You say many cases, let's see some examples in Safari.
dwaite 15 hours ago However, Firefox also needs to use the closed source OS when running on Windows or macOS.There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
WebKit is not open source?
Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts.
In many cases, the difference between a bug and an attack vector lies in the closed source areas.
This is going to be the case automating attack detection against most programs where a portion is obscured.
>In many cases, the difference between a bug and an attack vector lies in the closed source areas.
You say many cases, let's see some examples in Safari.
However, Firefox also needs to use the closed source OS when running on Windows or macOS.
There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.
My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.