This article:
http://www.technologyreview.com/computing/22652/(("A Blueprint to Stop
Browser Attacks
A software layer protects against cross-site scripting attacks."))
was summarized (and linked to) here:
http://technews.acm.org/archives.cfm?fo=2009-05-may/may-15-2009.html#412080
I think this [
neat.
On Fri, May 15, 2009 at 11:49 AM, Mike Schwartz wrote:
> This article:
> http://www.technologyreview.com/computing/22652/
> (("A Blueprint to Stop Browser Attacks
> A software layer protects against cross-site scripting attacks."))
> was summarized (and linked to) here:
>
> http://tech
Yes, good call, and the content is excellent!
Thanks for the submission; it's IMPORTANT to realize that WE ALL MUST BE
SECURITY EXPERTS; when one is essentially carrying a technology with great
security potential, you don't require your local "SECURITY GUY" to shoulder
responsibility for it's USE.
On May 15, 2009, at 12:34 PM, Lisa Kachold wrote:
it's IMPORTANT to realize that WE ALL MUST BE SECURITY EXPERTS
Who is 'we'? Programmers/admins/hackers, or the general public?
PGP.sig
Description: This is a digitally signed message part
---
given Lisa's previous rants I'm thinking both, and she would be right.
it is in everyone's best interest to be vigilant.
On Fri, May 15, 2009 at 12:56 PM, Alex Dean wrote:
>
> On May 15, 2009, at 12:34 PM, Lisa Kachold wrote:
>
>> it's IMPORTANT to realize that WE ALL MUST BE SECURITY EXPERTS
>
Vigilant, but not paranoid. XSS exists for a reason. A better solution
IMHO would be to require the remote content to be signed by a particular
source or something along those lines. Just my 2 cents.
On Fri, May 15, 2009 at 1:30 PM, Stephen wrote:
> given Lisa's previous rants I'm thinking bo
just because one is paranoid does not mean they are not out to get you :-)
On Fri, May 15, 2009 at 1:38 PM, James Mcphee wrote:
> Vigilant, but not paranoid. XSS exists for a reason. A better solution
> IMHO would be to require the remote content to be signed by a particular
> source or somethi