tag:dreamwidth.org,2010-05-25:518129 Testing, hacking, and Open Source Rick Scott 2010-05-25T17:02:43Z tag:dreamwidth.org,2010-05-25:518129:1512 2010-05-25T17:02:43Z 2010-05-25T17:02:43Z public 0 <p>I admit, I'm not super-knowledgeable about security. I know some of the fundamentals, but not a great deal beyond that.</p> <p>Still, in my early days on the 'net I got the distinct impression that <strong>allowing random people to execute arbitrary code on your computer is bad</strong>. I mean, that's somebody else using your computer to do stuff without your knowledge or consent, right? That's why attacks like this really, really make me shake my head (NSFW, offensive, <em>turn off javascript before following</em>):</p> <pre>hxxp://encyclopediadramatica.com/Firefox_XPS_IRC_Attack </pre> <p>Despite all this, somehow today's ordinary browsing experience consists of downloading pages full of arbitrary javascript written by any random person who controls a website, then blithely running them on your machine.</p> <p>I don't get it. Where did we go wrong?</p> <p>(PS. Firefox users: <a href="http://noscript.net/">NoScript</a> is your friend. =)</p><br /><br /><img src="https://www.dreamwidth.org/tools/commentcount?user=rickscott&ditemid=1512" width="30" height="12" alt="comment count unavailable" style="vertical-align: middle;"/> comments