Thursday, June 29, 2006

Secure Browsing Mode (SBM v1.2)

It is widely accepted today that web applications are inherently insecure. A lot of energy was invested in the past years into making web applications more secure, but there is only so much we can do with the fundamentally insecure foundation. This brief document proposes a set of possible browser improvements that would allow us to establish, gradually, a secure environment for web applications.
As you know, TCP/IP is insecure because its creators didn't think about its future growth. From a security point of view, it is badly designed. If we want to be pragmatic and not dream about some better alternative to TCP/IP (which is impossible, at least for now), we can work on minor security improvements in specific areas, for example web applications. Read this article (PDF file) written by Ivan Ristic. The article's main goals are to:
1. Reduce impact of insecure web applications by making the client devices more security-savvy.
2. Create new, well-designed, standards to replace current insecure practices.
I also saw a presentation (PDF file) named "Case Studies in Finding Previously Unknown Vulnerabilities in Web Applications" on Kenneth Belva's blog, which lists the main points to consider while developing web-based applications, but from the opposite perspective!
