Vulnerabilities in the Browser Interface Model
From Chad Dickerson's latest column:

At InfoWorld, our SFA, Web analytics, and CM (content management) systems are currently delivered in the browser, and others are moving in that direction. Clearly, the browser as an application delivery mechanism is here to stay. But is the continuing drive toward the browser ultimately a path to trouble? I’m starting to see some disturbing warning signs....

Part of what we are dealing with has very little to do with technology and more to do with exploits that attack the open philosophy behind the browser and the Web itself. And that’s what worries me most. The location window common to all browsers is infinitely malleable. Anyone who has passed a few moments waiting for a meeting to start by checking a sports score or an eBay auction knows the sense of self-determination the browser brings. IT can control where end-users browse, but should IT actively prevent a salesperson who’s just pulled a 14-hour day from taking a quick peek at a game score while working on a presentation, even if that freedom might lead to preventable spyware infection down the line?

Slightly more than a year ago, I urged IT to end its resistance to technologies that users want, saying: “The days of the paternalistic top-down IT department are nearly gone.” But lately, with the continuing scourge of spyware, phishing scams, and other browser-driven exploits, I’m seeing more end-users running to Papa for refuge from an IT environment that seems to be growing more chaotic rather than less. The browser will remain the center of the IT universe for the time being, but it’s going to be a long fight to keep it there in all its open glory.

Comments

Popular posts from this blog