The SilentBanker man-in-the-browser attack depends on malicious code that is integrated into the browser. These browser helpers are essentially unlimited in what they can do. Suggest a design by which such helpers are more rigorously controlled. Does your approach limit the usefulness of such helpers?

What will be an ideal response?

Two
possible
answers:
(a)
Limit
the
API
calls
the
helpers
can
make.
(b)
Allow
only
helpers
from
a
curated
app
store,
similar
to
Apple's
App
Store
for
iOS
devices.

Computer Science & Information Technology

You might also like to view...

Web servers store the files that people can access via the Internet using a browser.

a. true b. false

View

Computer Science & Information Technology

Which of the following is not included in an exception’s stack trace?

a. A descriptive message for the exception. b. The method-call stack at the time the exception occurred. c. The name of the exception. d. Instructions on handling the exception.

View

Computer Science & Information Technology