|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] New (19.10.05) MS-IE Url Spoofing bug (byK-Gen)
From: Nick FitzGerald (nick
virus-l.demon.co.uk)
Date: Fri Oct 21 2005 - 01:54:46 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Paul Schmehl to Valdis:
> > OK, so who designed the Javascript security model?
>
> Netscape.
Ahh -- trick question!
There is NO "Javascript security model" so Netscape cannot have
designed it...
...
Seriously, Javascript was the single worst thing that ever happened to
browsers (and the only really stupid, bad thing that is not squarely on
MS' shoulders) and permanently opened the whole, stupid "active
content" can-o-worms...
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]