There are 3 items of interest that I would like to see Blink defend better against in the future that imo, would set it apart even farther from its competition.
1. XSS Vulnerabilities
2. SWF Exploits - being used extensively! Flash banner ads that are randomly rotated, even on some of the everyday ligitament websites, to infect users via drive-by downloads. Difficult for signature products to keep up with, because all it takes is for the hostile code writer to simply change the Java Script coding to make a different variant that is not detectable once again.
3. Dynamic Code Obfuscation - seen a lot of this too and I don't really know how Blink deals with it.
For example: http://www.finjan.com/Content.aspx?id=1456
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Home users have the ability to use other software options and addons to protect themselves better from these.
Items like FireFox and its "NoScript" addon helps a lot with these threats, however, Enterprise environments are using IE more often, do not support or do not allow FireFox and the use of addons to be used.
So my question is, does Blink already protect from these well enough, or does eEye plan to further harden Blink to protect its users from such emerging threats. Quite frankly, on a day to day basis, these are some of the main vectors of infection and compromise that work and bypass most everything.
Any thoughts?