Category Archives: tech

Enigma Conference 2020 – Browser Privacy Panel

Brave, Mozilla Firefox, Google Chrome and Microsoft Edge presented on our current privacy work at the Enigma 2020 conference in late January. The talks were mostly high-level, but there were a few feature-level slides for each browser. My ~10 minute presentation on Microsoft Edge was first, followed by Firefox, Chrome, and Brave. At 40 minutesContinue reading “Enigma Conference 2020 – Browser Privacy Panel”

“Can I… in the new Edge?” (Un-FAQ)

This post is intended to collect a random set of questions I’ve been asked multiple times about the new Chromium-based Edge. I’ll add to it over time. I wouldn’t call this a FAQ because these questions, while repeated, are not frequently asked. Last Update: Sept 25, 2024 Can I get a list of all supportedContinue reading ““Can I… in the new Edge?” (Un-FAQ)”

Bypassing AppProtocol Prompts

Starting in Microsoft Edge 77 (and Chrome 77), the prompt shown when launching an AppProtocol from the browser was changed to remove the “Always allow” checkbox. That change was made, in large part, because this prompt is the only thing standing between every arbitrary site on the Internet (loaded inside your browser’s sandbox) and aContinue reading “Bypassing AppProtocol Prompts”

Browser Password Managers: Threat Models

All major browsers have a built-in password manager. So we should use them, right? I Do Should You? The easy answer is “Yes, use your browser’s password manager!“ The more nuanced answer begins: “Tell me about your threat model?” As when evaluating almost any security feature, my threat model might not match your threat model,Continue reading “Browser Password Managers: Threat Models”

Demystifying Browsers

Last update: October 29, 2024 Web browsers are conceptually pretty simple, but their code and the ecosystems that arise around the platforms they expose are immensely complicated. I started building browser extensions more than 22 years ago, and I started building browsers directly just over 16 years ago. At this point, I think it’s fairContinue reading “Demystifying Browsers”