Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: New (19.10.05) MS-IE Url Spoofing bug (byK-Gen)
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 21 Oct 2005 19:54:46 +1300

Paul Schmehl to Valdis:

OK, so who designed the Javascript security model?


Ahh -- trick question!

There is NO "Javascript security model" so Netscape cannot have 
designed it...


Seriously, Javascript was the single worst thing that ever happened to 
browsers (and the only really stupid, bad thing that is not squarely on 
MS' shoulders) and permanently opened the whole, stupid "active 
content" can-o-worms...


Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]