As I previously wrote[1], I don't see a real threat here. There are much
richer targets out there like jsfilddle or jsbin. Why are viruses or
malware more common on Windows than Linux? A large reason is because of the
larger pool of potential victims and possibly the sophistication of the
average
On Mon, Jun 6, 2022 at 4:26 PM Elijah Stone wrote:
> What is the threat model here, exactly? Something like this?
The threat models I can imagine fall roughly into these categories:
(1) Induced physical problems -- file deletion, gpu overheating,
denial of service.
(2) Induced social problems
I’d love to see more hackers here,
and there already are quite some.
the press/the media abused that term
hackers are usually good people
it’s malicious people one has to defend against
That being said, I agree as well.
Am 06.06.22 um 22:07 schrieb Henry Rich:
I agree. If we attract users,
What is the threat model here, exactly? Something like this?
- Malicious party provides a link to playground.jsoftware.com/some-j-code
- Naive party is sophisticated enough to check the url before visiting it,
finds it to be trustworthy
- some-j-code immediately redirects to a phishing site
Well-put, Henry.
This dawning awareness comes a little late to the project. But better late
than too-late.
On Mon, 6 Jun 2022 at 21:07, Henry Rich wrote:
> I agree. If we attract users, we will also attract hackers.
>
> Henry Rich
>
> On Mon, Jun 6, 2022, 9:04 PM Ian Clark wrote:
>
> >
I agree. If we attract users, we will also attract hackers.
Henry Rich
On Mon, Jun 6, 2022, 9:04 PM Ian Clark wrote:
> (retrying -- previous attempt apparently not sent…)
>
> Coupled with some sort of ability for anonymous 3rd parties to contribute
> code for others' use, doesn't this feature
(retrying -- previous attempt apparently not sent…)
Coupled with some sort of ability for anonymous 3rd parties to contribute
code for others' use, doesn't this feature pose a security risk to the
casual user?
This might arise if the J Playground were to acquire a fan club or a
special-interest
2!:0'open("https://www.jsoftware.com;)'
Possibly, in the playground we should have browse_j_=: {{2!:0 'open("',y,'")'}}
(Or maybe it would be better to incorporate that concept into the full
definition of browse_j_ ...)
I hope this helps,
--
Raul
On Mon, Jun 6, 2022 at 12:39 AM William Szuch
How can I link to a website from the J Playground ?.
In Qt I can use: browse_j_ 'https://www.jsoftware.com'
Bill Szuch
--
For information about J forums see http://www.jsoftware.com/forums.htm