The baseline modern browsers seemed Ok (not impossible to break into, but Ok) but Adobe Reader and Flash made it much easier.

The language of the article was a bit too gee-whizzy for my taste - it was hard to tell if any of them were all that much better than the others.

A story that's a bit clearer to me is - http://www.zdnet.com...uying-7000027331/

- Flash in IE sandbox bypass/overflow
- PDF in IE sandbox bypass/overflow
- IE sandbox bypass/overflow
- Chrome sandbox bypass/overflow
- Firefox sandbox bypass/overflow
- Safari sandbox bypass/overflow

It's great that these competitions are held and that differences are found, but I'm not sanguine that IE is somehow worth using. Devil's in the details.

- click on a link
= Are you sure you want to visit that site? It might be dangerous!
- click Yes.
= Are you really sure? Should I check it for you first?
- click Yes. Click No.

( Site HTML gets run through SBS&D and MS Security Bob and Don't Hijack Me Bro and ... on the client)

( 10,000 cookies are set and read, browser history is uploaded to several ad servers, and everyone is happy because there are no viruses or trojans! )

And so forth... :-/

Virus/Security battles are never-ending. Anything that has write access can potentially infect a computer...

http://en.wikipedia....licating_programs

In 1984 Fred Cohen from the University of Southern California wrote his paper "Computer Viruses – Theory and Experiments".[71] It was the first paper to explicitly call a self-reproducing program a "virus", a term introduced by Cohen's mentor Leonard Adleman. In 1987, Fred Cohen published a demonstration that there is no algorithm that can perfectly detect all possible viruses.[72]


FWIW.

Cheers,
Scott.