November 26, 2004 spout

Hurray for IE QA!


It appears that the overall quality of code, and more importantly, the amount of QA, on various browsers touted as secure’, is not up to par with MSIE; the type of a test I performed requires no human interaction and involves nearly no effort. Only MSIE appears to be able to consistently handle [*] malformed input well, suggesting this is the only program that underwent rudimentary security QA testing with a similar fuzz utility.

This is of course not to say MSIE is more secure; it does have a number of problems, mostly related to its security architecture and various features absent in other browsers. But the quality of core code appears to be far better than of its secure’ competitors.

[*] Over the course of about 2 hours; I cannot rule out it would exhibit problems in a longer run.”