, 2005-10-20
The Myspace Web worm used a simple vulnerability and XSS to propagate, and it might be a sign of things to come.
Expand all |
Post comment
|
Evolution of Web-based worms
, 2005-10-20 The Myspace Web worm used a simple vulnerability and XSS to propagate, and it might be a sign of things to come.
Expand all |
Post comment
|
|
|
Privacy Statement |
But the real problem here is this: Why should I bother to filter HTML, which should supposedly serve *only* presentation purposes, and be aware of intricate security implications?
Who the hell devised Javascript in the way we know it now? THAT's the problem.
We are dealing with standards and technologies that are difficult to grasp and fully understand, and almost nobody strive to find KISS (Keep It Simple, Stupid!) solutions.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/364/32569#32569