[keepamovin]

Correct! The browser is now the key vector because it's the most promiscuous and lascivious-for-code-and-data software on most devices.

Browser-zero days are why I factored out a way to distribute "web RPA agent creation" on any device, with no download - into its own product layer for browser-isolation. It's a legitimate defense layer but main barriers to adoption are operating friction, even tho it makes the task of hackers who want to compromise your network with browser 0-days much harder.

Because of that the RBI aspect is not as popular as ways its being used where you need a really locked down browser, with policies for preventing upload/download, even copy and paste, etc - for DLP (data loss prevention), for regulated enterprises.

Even so I think the potential applications of this tech layer are just starting.

[amne]

Just the other day I went to a website to flash a new firmware on a zigbee dongle. Straight from a chrome tab. wild!

Then it hit me: the only thing keeping a rogue website from sweeping your entire life is a browser's permissions popup.

[keepamovin]

Crazy right? On the whole I think it’s great and wonderful that the web platform has grown into the gorgeous monster that it is. I mean what better than a unified technology to serve us all the worlds information from any device in a basically sandboxed environment. I’m even all for the beautiful way The platform has developed rapidly added capabilities on how the language JavaScript HTMLNCSS has evolved. I think all that is wonderful. And I really enjoyed the ride.

But all of that growth and integration comes with these vulnerabilities, and so the cyber and DLP control aspect of web browsers is a very important one.

If this resonates with you, i invite you to check out my company’s project BrowserBox on GitHub