The article lists the basic goals of system configuration, which are derived from basic security principles such as least privilege and containment:
- Build for a specific purpose and only include the bare minimum needed to accomplish the task.
- Protect the availability and integrity of data at rest.
- Protect the confidentiality and integrity of data in motion.
- Disable all unnecessary resources.
- Limit and record access to necessary resources.
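To make the "bare minimum", "disable unnecessary resources" and "limit access" goals concrete, here is an added example (not from the article or this post) that audits a host's listening sockets against a declared purpose. It parses constructed `ss -tulpnH`-style output and an allowlist of the (protocol, port) pairs the system's purpose actually requires; everything else is a finding, with loopback-only listeners flagged as contained but still unnecessary. The sample output, the process names and the allowlist are assumptions for illustration.

```python
"""Audit listening sockets against a declared purpose (added example, not from the page)."""
import re
from dataclasses import dataclass

# Constructed sample in the shape of `ss -tulpnH` output; not captured from a real host.
SAMPLE_SS = """\
tcp   LISTEN 0 128 0.0.0.0:22    0.0.0.0:* users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0 511 0.0.0.0:443   0.0.0.0:* users:(("nginx",pid=1201,fd=6))
tcp   LISTEN 0 511 0.0.0.0:80    0.0.0.0:* users:(("nginx",pid=1201,fd=5))
tcp   LISTEN 0 128 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=950,fd=7))
udp   UNCONN 0 0   0.0.0.0:111   0.0.0.0:* users:(("rpcbind",pid=600,fd=4))
"""

# Assumed purpose: an HTTPS front end, administered over SSH. Nothing else is required.
WEB_FRONTEND_ALLOWED = {("tcp", 22), ("tcp", 443)}

LOOPBACK = {"127.0.0.1", "[::1]"}


@dataclass(frozen=True)
class Listener:
    proto: str
    addr: str
    port: int
    process: str


# proto, state, recv-q, send-q, local address, peer address, optional users:(("name",...
LINE_RE = re.compile(
    r"^(?P<proto>tcp|udp)\s+\S+\s+\d+\s+\d+\s+(?P<local>\S+)\s+\S+"
    r'(?:\s+users:\(\("(?P<proc>[^"]+)")?'
)


def parse_listeners(text: str) -> list[Listener]:
    """Turn `ss` lines into Listener records; lines that do not match are skipped."""
    listeners = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        addr, port = m.group("local").rsplit(":", 1)  # handles "[::]:22" as well
        listeners.append(Listener(m.group("proto"), addr, int(port), m.group("proc") or "?"))
    return listeners


def audit(listeners: list[Listener], allowed: set[tuple[str, int]]) -> list[tuple]:
    """Return (port, scope, proto, process) for every listener the purpose does not need.

    scope is "exposed" for non-loopback bindings and "local" for loopback-only ones;
    both violate "disable all unnecessary resources", but only the former widens the
    network attack surface.
    """
    findings = []
    for l in listeners:
        if (l.proto, l.port) in allowed:
            continue
        scope = "local" if l.addr in LOOPBACK else "exposed"
        findings.append((l.port, scope, l.proto, l.process))
    return sorted(findings)


if __name__ == "__main__":
    for port, scope, proto, proc in audit(parse_listeners(SAMPLE_SS), WEB_FRONTEND_ALLOWED):
        print(f"{scope:8} {proto}/{port:<5} {proc}  -> not required by purpose, disable or justify")
```

On a real host the same check is `ss -tulpnH | python3 audit.py` with the allowlist edited to the system's actual purpose; the point is that the allowlist, not the running inventory, is the source of truth.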
I think these goals should apply especially to online banking applications in the context of phishing attacks. Having full-featured, complex web browser applications does not seem to be the right basis for such tasks, does it? Well, maybe the idea of browser compartments is a good starting point…