Ever wondered why there is so much stress on using the right browser?

What do browsers really do? They take code (HTML, JavaScript) written by other people and execute it on your laptop to render the webpage. Sounds scary when you put it that way from security point of view since a user written code can execute anything it wants on your system.

Chromium handles this by separating the rendering engine from the system accessors. Code in chrome has minimum permissions which does not let the rendering code direct access to the file system. It can do so only through APIs (e.g. while adding attachments in email). For a breach in Chromium, an attacker needs to inflitrate both the rendering engine and the system handlers (increasing depth). This method stops innumerable attacks and is almost unbreakable.

Next time a shady page asks you to download a browser, think again.

Here’s the paper discussing the architecture -

https://lnkd.in/fNerx-j