|
| ▲ | runjake 14 hours ago | parent | next [-] |
| Here's a rough break down, formatted best I can for HN: Safari (closed source)
├─ UI / tabs / preferences
├─ macOS / iOS integration
└─ WebKit framework (open source) ~60%
├─ WebCore (HTML/CSS/DOM)
├─ JavaScriptCore (JS engine)
└─ Web Inspector
|
|
| ▲ | hu3 15 hours ago | parent | prev | next [-] |
| There's much more to a browser than JS engine. They picked to most open-source one. |
| |
| ▲ | SahAssar 14 hours ago | parent [-] | | WebKit is not open source? Sure there are closed source parts of Safari, but I'd guess at least 90% of safari attack surface is in WebKit and it's parts. | | |
| ▲ | Normal_gaussian 14 hours ago | parent [-] | | In many cases, the difference between a bug and an attack vector lies in the closed source areas. This is going to be the case automating attack detection against most programs where a portion is obscured. | | |
| ▲ | rs_rs_rs_rs_rs 13 hours ago | parent | next [-] | | >In many cases, the difference between a bug and an attack vector lies in the closed source areas. You say many cases, let's see some examples in Safari. | |
| ▲ | dwaite 13 hours ago | parent | prev [-] | | However, Firefox also needs to use the closed source OS when running on Windows or macOS. There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces. My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt. |
|
|
|
|
| ▲ | g947o 14 hours ago | parent | prev [-] |
| Apple is not the kind of company that typically does these things, even if the entire Safari is open source. |
