Re: Re: Javascript and plugging holes

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

From: "Simon St.Laurent" <simonstl@s...>
To: xml-dev@l...
Date: Fri, 10 Dec 2010 12:36:45 -0500

On 12/10/10 10:02 AM, Stephen Green wrote:
>> At the same time, Mobile Device manufacturers are pushing for the opposite.
>> They want JS to do MORE not LESS.
>
> The virus-script-kiddies haven't paid so much attention to smartphones
> yet, I guess.

There are lots of security holes in JavaScript and the Web environment, 
and many of them happen to work on phones too now.

This is a known problem - Douglas Crockford (creator/extractor of JSON) 
spoke about it at XML 2007, and there's some discussion of it in this 
interview too:

<http://answers.oreilly.com/topic/1483-doug-crockford-discusses-javascript-html5-security-issues/>

I'd watch all of it, but security comes up around 2:12 and 4:23 in an 
HTML5 context.

-- 
Simon St.Laurent
http://simonstl.com/

Follow-Ups:
- Re: Re: Javascript and plugging holes
  - From: Bill Lindsey <bill@b...>

References:
- Javascript and plugging holes was: Cross-domain loading of XML
  - From: Stephen Green <stephengreenubl@g...>
- Re: Javascript and plugging holes
  - From: Henri Sivonen <hsivonen@i...>
- Re: Re: Javascript and plugging holes
  - From: Stephen Green <stephengreenubl@g...>
- Re: Re: Javascript and plugging holes
  - From: Stephen Green <stephengreenubl@g...>
- RE: Re: Javascript and plugging holes
  - From: "David Lee" <dlee@c...>
- Re: Re: Javascript and plugging holes
  - From: Stephen Green <stephengreenubl@g...>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >