AJAX May Be Considered Harmful
87C751 writes "Security lists are abuzz about a presentation from the 23C3 conference, which details a fundamental design flaw in Javascript. The technique, called Prototype Hijacking, allows an attacker to redefine any feature of Javascript. The paper is called 'Subverting AJAX' (pdf), and outlines a possible Web Worm that lives in the very fabric of Web 2.0 and could kill the Web as we know it."
So can I hijack slashdot to always get the first post?
Not surprising considering that slashdot is slowly trying to AJAXify itself...
Patch the hole and release Web 2.0.1. Good thing there's already a Web 3.0 in the works.
Society of Hysteria? SOCIETY OF HYSTERIA? aaaaaaaaah! SAVE YOURSELF!
Paul Grosfield - the quicker picker upper.
>(or was it written in FUD?)
Ok, I propose we create a new programming language called FUD. Variables will be assumed to have their most sinister values and be impossible to verify.
A Worm that lives in the very fabric of Web 2.0 and could kill the Web as we know it lurks is the deep dark recesses of the javascript
Who is this masked man known as the worm?
Why does he hate Web 2.0 so much?
Will this worm try to make us revert to Web 1.0?
And does this worm have anything to do with disappearances of Web 1.1 through Web 1.9?
This and much much more on the next epside of Days of our Web 2.0 Lives
I think the invisible hand of the market has its middle finger extended
--A wise old fart named SC0RN
. (or was it written in FUD?)
Sadly, no. The FUD compiler was written in Javascript, and was hijacked.
Haven't RTFA yet, but I doubt it will live up to the hype.
Which hype, AJAX itself or AJAX ending the world?
Does Al Gore know anything about this?
Table-ized A.I.
By enabling development to occur at all. The program that is never written has zero bugs and is therefore the perfect program.
there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.