Alarming. How recent was that? Do you know if this is still possible? -- Allen Brown http://brown.armoredpenguin.com/~abrown
> I started religiously running NoScript in Firefox after a colleague of > mine figured out how to write a port scanner in Javascript. So if you > went to his page with Javascript enabled he would able to have you > run a scan of your internal network, as your user, with your > permissions, regardless of firewall settings. So my answer would be > that even if Javascript has gotten safer it doesn't mean that people > haven't figured out clever things to do with it that you wouldn't want > to happen. > > On Wed, Jul 9, 2008 at 3:53 PM, Allen Brown <[EMAIL PROTECTED]> wrote: >> I am moderately paranoid about allowing web sites run javascript >> in my browser. (I use NoScript in Firefox.) Basically I only >> enable it if I know the owner of the site or trust them because >> of who they are. Examples: personal friends or banks. >> >> Am I being unnecessarily paranoid? Has Javascript gotten good >> enough that I can let my guard down? How do you all handle this? >> -- >> Allen Brown abrown at peak.org >> http://brown.armoredpenguin.com/~abrown/ >> Criticism may not be agreeable, but it is necessary. It fulfils >> the same function as pain in the human body. It calls attention >> to an unhealthy state of things. --- Sir Winston Churchill >> _______________________________________________ >> EUGLUG mailing list >> [email protected] >> http://www.euglug.org/mailman/listinfo/euglug >> > _______________________________________________ > EUGLUG mailing list > [email protected] > http://www.euglug.org/mailman/listinfo/euglug > _______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
