In most cases a vulnerability like this will not significantly increase your risk of exploitation as most web sites store passwords in cookies anyway, which are supposed to be readable by javascript from the originating site. If I can run a script on a myspace profile that you visit I can get your password from the cookie that myspcace stores on your machine.
Most of my music collection was ripped off last.fm. It's actually faster than BitTorrent, and I don't have to think about who I might like to listen to when I'm on the bus while I'm at my computer. I can snarf down twenty gigabytes of music and decide what I want to listen to when I actually want to listen to it. The bitrate, while different for different tracks, is usually 320kb/s.
I've had my Casio FX-9750G Plus for a few years now after my TI was stolen, and I really like it. Aside from it being WAY cheaper than the TI-83 Plus at $50 (the TI is over $100) and has all of the same features. If you need fancy calculus features it doesn't have them, but that shouldn't be a problem for 10th grade. The BASIC dialect that it uses is a bit different, too, but it's not any more painful to use than TI BASIC.
I'm wondering what sort of checking IE does on alert() and prompt() calls, and on and tags. If you can force an error would it be possible to run arbitrary code this way?
There was a talk about this at the most recent HOPE conference by the head of Toool. The audio is avalable for download (128kbps, 16kbps).Toool also has a paper on the subject.
Slashdot Mirror
In most cases a vulnerability like this will not significantly increase your risk of exploitation as most web sites store passwords in cookies anyway, which are supposed to be readable by javascript from the originating site. If I can run a script on a myspace profile that you visit I can get your password from the cookie that myspcace stores on your machine.
Most of my music collection was ripped off last.fm. It's actually faster than BitTorrent, and I don't have to think about who I might like to listen to when I'm on the bus while I'm at my computer. I can snarf down twenty gigabytes of music and decide what I want to listen to when I actually want to listen to it. The bitrate, while different for different tracks, is usually 320kb/s.
I've had my Casio FX-9750G Plus for a few years now after my TI was stolen, and I really like it. Aside from it being WAY cheaper than the TI-83 Plus at $50 (the TI is over $100) and has all of the same features. If you need fancy calculus features it doesn't have them, but that shouldn't be a problem for 10th grade. The BASIC dialect that it uses is a bit different, too, but it's not any more painful to use than TI BASIC.
I'm wondering what sort of checking IE does on alert() and prompt() calls, and on and tags. If you can force an error would it be possible to run arbitrary code this way?
There was a talk about this at the most recent HOPE conference by the head of Toool. The audio is avalable for download (128kbps, 16kbps).Toool also has a paper on the subject.