On Wed, Jul 13, 2005 at 04:16:10PM +0700, Neta wrote: > If your conclusion is right. Why so many internet banking used it? > Do you have any real experiences with your box?
Since 9/11, we all should know the difference between an 'abstract threat' and a 'concrete threat'. JavaScript is an extremely complex language that never was designed with security in mind (at least not from people that took the word 'security' serious). As a result, JS has a high 'abstract threat' level. >From the 'abstract threat', very often 'concrete threats' are created. If you patch you browser frequently, chances are high that you are faster than the 'JavaScript Terrorists' that want to break into your machine. Why so many banks use it? Because they do not take 'abstract threats' seriously. Bernd [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
