On Tue, Dec 20, 2011 at 7:00 PM, coderman <coder...@gmail.com> wrote:
> On Tue, Dec 20, 2011 at 9:40 AM, Charles Morris <cmor...@cs.odu.edu> > wrote: > > I'm curious what everyone's opinion is on the following question... > > esp. to any FF dev people on list: > > > > Do you think that the Firefox "warning: unresponsive script" is meant > > as a security feature or a usability feature? > > anyone who said "security feature" is an idiot and/or not thinking clearly. > your security is harmed by malicious script in milliseconds. > this does nothing to protect you from anything.* > > it is purely a usability feature in response to shitty developers > writing shitty webapps leading to excessively long script execution > (which can thus be terminated if desired once this warning presents) > > > * someone may say "availability is a security requirement!". true, but > then a modem link to web 2.0 is a DoS, and there's simply no point > going down that road... > > Absolutely correct. There's effectively an infinite number of temporary DoS attacks against browsers. They're fragile enough in this space that "exploits" are *accidentally* stumbled upon by devs.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/