Kinda cool. My startup makes a sandboxing plugin for Firefox, but we plan to extend it to Chrome and IE later. Our sandbox works by doing all the browsing on a completely different computer - sort of a super sandbox.
Client side: Firefox plugin for graphics and extension for browser integration. Server side: OpenVZ for process isolation, WebKit for browsing, OpenSSL for crypto. I started using VNC as the protocol but it is too slow. Now I'm using NX.
You can do the automatic sign ups with extensions pretty easily.
As for the offline access native apps: does each site then have to write a native app module for your browser for it to work? This doesn't sound like something you can do without work from each site owner.
The same for locally stored data. You could keep a local copy of any files you upload to sites, but if you are uploading, you already should have a copy. But you can't do anything in a browser to make facebook serve images from your computer instead of theirs. This is another feature which requires work from every site to make happen.
The solutions mentioning IP addresses won't solve the problem. For someone to use Firesheep to steal session keys, they have to be on the same network, such as a coffee shop's wifi. Your website will see any request from that network as the same IP address.
This solution will not stop the attacker until he leaves the coffee shop.
Does anyone have any thoughts or experience with testing the "bargain-bin" hypothesis with subscription based payments?
I can see a one-time purchase of $10 for a piece of software as appearing cheap, and therefore low quality. But what about a $10/year charge, or $10/quarter?
Man, I have been thinking this for years. If laws were written in code there would be no reason to have judges or lawyers. We have those only because spoken language is ambiguous and open to interpretation.
Great point. Your question reminded me of the scene from Aviator: "Dr. Branson is a mathematician of some note...yes. And he will prove that, in fact, Ms. Russell's mammaries are no more prominent than any of these other fine ladies. Doctor? Doctor... you forgot your calipers."
That's my point. If something can't be specified unambiguously in code, it shouldn't be in a law. Whether the verdict is innocent or guilty shouldn't rest on who happens to be sitting on the bench that day.