On Dec 25, 2005, at 9:37 PM, Walter Dnes wrote:
On Mon, Dec 19, 2005 at 08:12:13PM -0600, John Jolet wrote
and your pick for client-side portable code is???
Client-side code is inherently risky. The website is executing a
program on your machine. It's not that much different from allowing
people to telnet on to your machine anonymously and run programs. You
face similar privilege-escalation attacks. And Windows boxes are
being
"administered" (if you can call it that) by computer-illiterate Joe
Sixpack, not his geeky cousin Joe Sysadmin.
Sure, Java started out from square 1 with a "sandbox" or "Virtual
Machine". That didn't stop vulnerabilities from showing up in Java.
Netscape's Livescript (damn the @##holes for renaming it Javascript)
started off with so little power that the attitude was "Sandbox? We
don't need no steenkin sandbox.". As Javascript's power grew, that
decision has come back to bite, especially on Windows, but there have
been a few multi-platform security bugs.
Frankly, I quite agree. Unfortunately, it's very difficult to do the
kind of nifty things the marketing folks like so much without some
sort of client-side code. And it's virtually impossible to make the
sort of application-like sites that swell the heart of "web services"
aficionados. I have always recommended against any sort of client-
side requirement (on those rare occasions when someone actually asks
the sysadmin his opinion on design and security).... but that's a
battle marketing almost always wins. It's no coincidence that the os
with the least security turned on by default has the largest market
share. Security takes effort, and 90% of the people would rather
wade naked in the cesspool than try to understand the concepts
necessary to mediate that risk.
--
Walter Dnes <[EMAIL PROTECTED]> In linux /sbin/init is Job #1
My musings on technology and security at http://tech_sec.blog.ca
--
gentoo-user@gentoo.org mailing list
--
gentoo-user@gentoo.org mailing list
