Imagine somebody who spends a majority of his or her television time glued to one channel. (We know such folks.) Imagine, further, that the minimal time spent on other channels creates tremendous instability in the system and -- since those other channels are teeming with viruses and malware -- security risks.
The solution may be disarmingly simple: Build a television that receives only the one channel.
That's a facetious scenario, of course. But the concept seems to be gaining credibility in tech circles, where site-specific browsers (SSBs) are generating attention. Andrew Jaquith, blogging at Security Metrics, says that SSBs could become a key security tool:
In essence, instead of having banks worry about whether the user's general-purpose browser is secure, why not require the user to run a dedicated browser that won't allow access to websites other than those its creator intended?
This Web Worker Daily post lists a number of reasons to use SSBs. They include removing distractions and saving the browser that is connected to a particular site all day from crashing due to an instability generated by a site running in a different window. The post, which doesn't mention security, does offer a good overview of the leading SSBs. These include Mozilla Prism -- a Firefox spinoff -- and two OS X-only entrants, Fluid and Hana. These posts at Ajaxian and The Unofficial Apple Weblog look at Fluid. The latter also links to posts on SSBs for Gmail and Google Calendar. <!--[endif]-->
This Mozilla post discusses Mozilla Labs' launch of experiments on the future of browsing. The blogger says that the first of these is based on Webrunner, which now is in the Mozilla Labs code repository under the name Prism. The rest of the post describes what Mozilla goal for the Prism SSB. The simple explanation is that Prism will be a "Web platform integrated into the desktop experience."
Two things are clear from the coverage of SSBs. One is that little of the coverage mentions security. (In addition to Jacqith's post, security is mentioned in the comments of this older post at Mark Finkle's Weblog.) The other point is that SSB's still are the province of the very geeky.
The posts suggest that there aren't intractable technical hurdles to surmount, though it seems that it will be a while before these tools are widely used. The wild card is if a compelling reason -- a "killer app," in older parlance -- comes along. Securing online transactions could be just such an application.