Passkeys – Syncable WebAuthN credentials

Passwords have lousy security properties, and if you try to use them securely (long, complicated, and different for every site), they often have horrible usability as well. Over the decades, the industry has slowly tried to shore up passwords’ security with multi-factor authentication (e.g. one-time codes via SMS, ToTP authenticators, etc) and usability improvements (e.g.Continue reading “Passkeys – Syncable WebAuthN credentials”

Certificate Revocation in Microsoft Edge

When you visit a HTTPS site, the server must present a certificate, signed by a trusted third-party (a Certificate Authority, aka CA), vouching for the identity of the bearer. The certificate contains an expiration date, and is considered valid until that date arrives. But what if the CA later realizes that it issued the certificateContinue reading “Certificate Revocation in Microsoft Edge”

“Batteries-Included” vs “Bloated”

Fundamentals are invisible. Features are controversial. One of the few common complaints against Microsoft Edge is that “It’s bloated– there’s too much stuff in it!” A big philosophical question for designers of popular software concerns whether the product should include features that might not be useful for everyone or even a majority of users. ThereContinue reading ““Batteries-Included” vs “Bloated””

Unexpectedly HTTPS?

While I’m a firm believer that every site should be using HTTPS, sadly, not every site is yet doing so. Looking at Chrome data, today around 92% of navigations are HTTPS: …and the pages loaded account for around 95% of browsing time: Browsers are working hard to get these numbers up, by locking down non-secureContinue reading “Unexpectedly HTTPS?”

Smarter Defaults by Paying Attention

As a part of every page load, browsers have to make dozens, hundreds, or even thousands of decisions of varying levels of importance: should a particular API be available? Should a resource load be permitted? Should script be allowed to run? Should video be allowed to start playing automatically? Should cookies or credentials be sentContinue reading “Smarter Defaults by Paying Attention”

Adding Protocol Schemes to Chromium

Previously, I’ve written a lot about Application Protocols, which are a simple and popular common mechanism for browsers to send a short string of data out to an external application for handling. For instance, mailto is a common example of a scheme treated as an Application Protocol; if you invoke mailto:someone@somewhere.com, the browser will convertContinue reading “Adding Protocol Schemes to Chromium”

Lock down web browsing using Kiosk Mode

Browsers get used in many different environments. Today, I take a look at scenarios where there’s either no interactive user (digital signage) or a potentially malicious user (internet kiosks). Digital Signage (fullscreen) Requirements In the Digital Signage scenario, there’s a full-screen webpage rendering and there are no user-accessible input devices– the canonical example here wouldContinue reading “Lock down web browsing using Kiosk Mode”

Microsoft Edge’s Many Processes

Chromium-based browsers like Microsoft Edge use a multi-process architecture for reliability and security reasons. tl;dr For reliability, Process isolation means that if one process crashes, the entire browser need not go down. For example, if a page on leaky.com has a memory leak that’s so bad that its tab crashes with an out-of-memory error, yourContinue reading “Microsoft Edge’s Many Processes”

Download Blocking by File Type

Last Updated: 16 August 2022 I’ve previously gushed about the magic of the File Type Policies component — a mechanism that allows files to be classified by their level of “dangerousness”, such that harmless files (e.g. .txt files) can be downloaded freely, whilst potentially-dangerous files (e.g. .dll files) are subjected to a higher degree ofContinue reading “Download Blocking by File Type”

Per-Site Permissions in Edge

Last year, I wrote about how the new Microsoft Edge browser mostly ignores Security Zones (except in very rare circumstances) to configure security and permissions decisions. Instead, in Chromium per-site permissions are controlled by settings and policies expressed using a simple syntax with limited wildcarding support. Settings Page’s Site Permissions and Group Policy Internet ExplorerContinue reading “Per-Site Permissions in Edge”