[Sussex] JavaScript is no longer secure: TURN IT OFF NOW!
Colin Tuckley
colin at tuckley.org
Mon Aug 14 10:34:10 UTC 2006
Jon Fautley wrote:
> I'm not so sure he is - Al makes a good point. All you can do with this
> code is exploit misconfigured devices. If you allow misconfigured
> devices on your network, there are many other avenues of attack.
I'm inclined to agree. Steve was right to bring it to peoples attention, but
the way he did it smells of scaremongering to me. That is *not* the right
way to do things on a list like this.
regards,
Colin
--
Colin Tuckley | colin at tuckley.org | PGP/GnuPG Key Id
+44(0)1903 236872 | +44(0)7799 143369 | 0x1B3045CE
APATHY ERROR: Don't bother striking any key.
More information about the Sussex
mailing list