« Wednesday Weltschmerz | Main | Friday Folie de Grandeur »

Thursday Thaumaturge

JavaScript is a tool that some programmers use to build web sites. However, as with most tools, they can be misused. I don't know the exact number, but there appear to be numerous JavaScript-based security exploits. Said exploits take advantage of "features" that may include the running of arbitrary code.

Hence, many security minded users simply turn JavaScript execution off as this is the only way to have a 100 percent barrier against this kind of exploit.

So, what is a JavaScript programmer to do? If you use JavaScript you are guaranteeing a certain percentage of your site visitors will not be able to use your site as you intended it. For a commercial site, this translates into lost business. As Martha would say, this is not a Good Thing.

One solution is to use the tools that XHTML and CSS have.

For example, this site here created accessible image tab rollovers without the crutch of JavaScript. Now, I am the first to say that using CSS opens up a whole new world of browser incompatibility. But what it doesn't do, as far as I know, is open your PC to l33t hax0rs to ownz U.

I am glad that people are making imaginative use of the tools to work around JavaScript. I wish more would do the same. If they did, the cyber world would be a safer and more accessible place.


Mail Call

To: Dan Seto
From: Sjon Svenson
Subject: Novell ...
Date: Thu, 02 Oct 2003 05:11:58 -0700 (PDT)

Novell ....
I think I now know what you mean. I took my PC (NT4) to a client that runs a Novell network. Of course I couldn't connect so we called a support guy from the client. He started installing a netware client. For some reason that didn't turn out right. Yep, by noon I was back in the main office with a PC where no one could log on to anymore.

ps. I'm not on my own box now so I don't have your eMail address (I don't even have a mail-client installed). And I don't know it by heart. But hey, you have a 'contact me' on your page so I pulled your address from the HTML source. Yep, simple and easy ... I did crack it without using tables or looking up codes though ^__^

Kind regards,
Svenson.


From: Dan Seto
To: Sjon Svenson
Subject: Re: Novell ...
Date: Thu, 2 Oct 2003 06:29:02 -1000

I think the problem with Novell goes back years to the DOS wars when they tried to compete against MS DOS by pushing, I think DR DOS. As I recall, MS did not take kindly to that and thereafter refused to help Novell with the code needed to access MS networks.

Unless I'm wrong, it was about then that MS started writing their own client. As it turned out, MS did a better job of reverse engineering the Novell client than Novell did of reverse engineering Windows...

Glad you were able to decipher the encoded mailto. It usually works just fine when you have a default mail client installed and click on the link. Otherwise, as you probably saw, if you hover your mouse cursor over the link, it's almost readable (it's encoded to try to slow down the spammers).

Aloha!

About

This page contains a single entry from the blog posted on October 2, 2003 8:47 AM.

The previous post in this blog was Wednesday Weltschmerz.

The next post in this blog is Friday Folie de Grandeur.

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.
Powered by
Movable Type 3.34