3 comments

[ 2.6 ms ] story [ 17.0 ms ] thread
TL;DR "It would take us a couple of months to get this feature out. I think it would be mostly moot at that point."
>"I think it would be mostly moot at that point."

I think that's stunningly naive.

This is bad engineering. Should browsers run a full suite of tests? How would you detect a version which has an old number but had just the patch applied? Why not test for other vulnerabilities whilst we are at it?

A browsers job is to browse the Internet using agreed protocols. If you want to create an addon that checks websites for vulnerability of the month because you are more security conscious then fine. Just lets not push the problem to someone else.