@@ -133,7 +133,7 @@ In the present document "**should** ", "**should not** ", "**may** ", "**need no
# Executive summary
# Executive summary
Browsers represent one of the most complex and security-critical software products in modern computing, serving as the primary gateway between users and internet resources while processing untrusted content from millions of sources daily. The browser's architecture encompasses multiple interconnected subsystems—including rendering engines, JavaScript execution environments, network stacks, and extension frameworks, each presenting distinct attack surfaces that must be defended while maintaining performance, compatibility with legacy web content, and user autonomy.
Browsers represent one of the most complex and security-critical software products in modern computing, serving as the primary gateway between users and internet resources while processing untrusted content from millions of sources daily. The browser's architecture encompasses multiple interconnected subsystems—including rendering engines, JavaScript/WebAssembly execution environments, network stacks, and extension frameworks, each presenting distinct attack surfaces that must be defended while maintaining performance, compatibility with legacy web content, and user autonomy.
Unlike traditional security products that can enforce restrictive controls, browsers must balance protection against an evolving threat landscape with respect for user choice, creating unique challenges where users may deliberately choose to visit malicious sites, install risky extensions, or disable security features. The browser's multi-layered trust model, spanning from the highly privileged browser core through semi-trusted extensions to completely untrusted web content, requires sophisticated isolation mechanisms, granular permission systems, and careful mediation of system resource access.
Unlike traditional security products that can enforce restrictive controls, browsers must balance protection against an evolving threat landscape with respect for user choice, creating unique challenges where users may deliberately choose to visit malicious sites, install risky extensions, or disable security features. The browser's multi-layered trust model, spanning from the highly privileged browser core through semi-trusted extensions to completely untrusted web content, requires sophisticated isolation mechanisms, granular permission systems, and careful mediation of system resource access.
@@ -159,9 +159,9 @@ Within the context of an operating system, browsers are user-applications with a
The activity of browsing can be defined in the following steps:
The activity of browsing can be defined in the following steps:
1. A machine accesses remote resources and source code, such as HTML, JavaScript, and CSS.
1. A machine accesses remote resources and source code, such as HTML, JavaScript/WebAssembly, and CSS.
2. This source is represented visually, acoustically, or in some other form.
2. This source is represented visually, acoustically, or in some other form.
3. The user interacts with this representation by looking, reading, entering data, clicking, etc.
3. The user interacts with the rendered representation through input and output interfaces, including visual observation, text entry, pointer interaction, or other supported input modalities.
