In computer security there is a maxim -- security is simple. It doesn’t mean that security is easy to implement. It means that in order to have good security, keep your tools simple. The World Wide Web may have started off simple enough with static HTML language statements, but today it is a fully mature development environment. Browsers are trying to be all things to all people and include new functionality every day. Internet security is still not given the consideration it deserves. A good browser must do its best to match functionality against end user protection. There are many ways that malicious coders can use browsers to attack computer systems. Chapter 9 discusses HTML and scripting attacks and how to prevent them.