|
Posted by Ed Jay on January 25, 2008, 4:11 pm
Please log in for more thread options aoksite1@gmail.com scribed:
>> aoksi...@gmail.com scribed:
>>
>>
>>
>> >> aoksi...@gmail.com scribed:
>>
>>
>> >> >> > aoksi...@gmail.com scribed:
>>
>> >> >> > >One significant reason for disabling JavaScript when browsing the
>> >> >> > >Internet is that it is a definite security hazard to the user if they
>> >> >> > >have JavaScript enabled. There is a lot of malicious code on web
>> >> >> > >sites that uses JavaScript to infect the user's computer with
>> >> >> > >malicious code.
>>
>> >> >> > Please elaborate by providing an example of how js can be used to
compromise
>> >> >> > a user's computer with malicious code.
>> >> >> > --
>> >> >> > Ed Jay (remove 'M' to respond by email)
>>
>> >> >> You have to be kidding. If you need examples,
visithttp://groups.google.com/group/stopbadwareorhttp://www.stopbadware.or....
>>
>> >> >> Daniel
>>
>> >> >>http://a-ok-site.com
>>
>> >> >Sorry, I really thought you were kidding. But your post to the other
>> >> >grouphttp://groups.google.com/group/comp.lang.javascript/topicsshows
>> >> >you weren't. Take some time and check out the stopbadware group it
>> >> >has a lot of great info.
>>
>> >> You have good eyes, but my post to the js group is intended to start a
>> >> discussion, not to answer the base question. As I said in my query there, I
>> >> believe your statement to be false, i.e., js cannot be used to infect a
>> >> user's machine without the user's express permission.
>>
>> >> I checked the stopbadware group. They're not talking about js being used to
>> >> infect a user's machine. They're talking about js being injected into
>> >> existing sites (hacking). They talk about badware on a user's machine, but
>> >> that badware has to be downloaded and executed, e.g., an attachment, exe
>> >> file, or packaged clandestinely with another application.
>>
>> >> AFAIK, your statement is an artifact from years past when it was
incorrectly
>> >> propagated that js was a security risk. It isn't (afaik).
>> >> --
>> >> Ed Jay (remove 'M' to respond by email)
>>
>> >It seems funny to me that Google is flagging the web sites as
>> >containing malicious code and that they may cause harm to your
>> >computer.
>>
>> Citation please, because that's not what they are saying.
>> --
>> Ed Jay (remove 'M' to respond by email)
>
>For the people who accept new info here is one link to a direct
>infection caused by JavaScript
http://groups.google.com/group/stopbadware/browse_thread/thread/5d4187b832224f51
>there are many more.
>
New info? LMAO! The thread is about an infected WEB SITE, not a User's
computer!!! :-))
This 'debate' is exactly why things that should not need to be debated
anymore continue to be debated. Because no matter how many facts you place
in front of someone, no matter how many beliefs are proven to be
nonsensical, they remain intractable and hold on to their false memes...and
add to them. When they are trapped by the facts, they refuse to admit they
were mistaken, and instead resort to ad hominem attacks.
--
Ed Jay (remove 'M' to respond by email)
| 
XML Sitemap