Does it take two browsers to make surfing safe?

PHP author says using one browser is insane because nine out of 10 Web sites have cross-site scripting holes

The theory, the practice

But an idea that is not bad in theory may not be smart in practice, both security experts said. "It's just not feasible for the average user," said Huger.

"The reality is most users wouldn't know which one to run when," Thompson said.

Ironically, Lerdorf's PHP is a major cause of Web site vulnerabilities. According to Danish bug tracker Secunia ApS, the most up-to-date version of the scripting language has been tagged with eight flaws since its November 2006 release. Six remain unpatched.

Lerdorf acknowledged last week that PHP's popularity and insecurity are parts of the XSS problem. There "is not much we can do" to tighten up PHP, he said during the keynote.

Correct, said Huger. "The vast majority of cross-site scripting vulnerabilities are because of the programmer," he said. Amateur developers often try their hand at PHP, with sometimes disastrous results, Huger said.

What's a user to do if the two-browser concept is so inconvenient as to be unreasonable? Use reason, said Huger. "Be very careful where you shop online, who you give credit card number to, how you get to your online bank," he recommended. "If you follow that advice, you'll be in good standing."
