Home > Developer > JavaScript

JavaScript coding errors will cause network disasters _ Javascript tutorial

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
JavaScript: JavaScript coding errors will cause network disasters. Javascript tutorial

March 26, according to malware researchers, web developers with JavaScript coding errors and experience using new programming technologies will pose a serious threat to many websites and users accessing these websites.

According to the InfoWorld website, Billy Hoffman, the main research engineer of SPI Dynamics software, delivered a speech at the ShmooCon hacking conference held on March 24, saying, the SPI penetration tool used by enterprises has caused some security problems in online websites and applications.
 
He said the threats are concentrated on JavaScript errors and insecure use of network service programming languages such as AJAX in many popular websites and applications.

In addition to vulnerabilities opened in network applications, Hoffman also describes how hackers use JavaScript and AJAX-based tools to find new security vulnerabilities on the network and perform cross-site scripting attacks.

Hoffman said that over the past two years, we have seen many bad things in JavaScript, including Cookie Theft, key record recording, screen capturing, and various phishing attacks. Currently, JavaScript is also used for port scanning, making malicious software for self-propagation, and stealing historical browser data.

The researchers said many well-known websites have JavaScript security vulnerabilities. He demonstrated how to forge content on the webpage of a news website by using a proof-of-concept code based on a JavaScript Security vulnerability on the CNN.com website.

Hoffman said the issue was reported on the security forum a few months ago and CNN was notified. However, this vulnerability is not fixed yet.

Malicious Code writers are using this technology to create cross-site scripting threats, misleading consumers to provide their own passwords, allowing hackers to access the personal information of these users.

Hoffman said people should understand the severity of these problems. If software developers ignore these problems, they will cause a disaster. We need to try to change the software development and security industry so that they can understand the potential dangers of these errors.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
javascript errors notifier firefox show javascript errors new relic javascript errors coding bootcamp javascript cracking coding interview javascript javascript coding standards pdf javascript coding bootcamp

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More