This article:
http://www.technologyreview.com/computing/22652/((A Blueprint to Stop
Browser Attacks
A software layer protects against cross-site scripting attacks.))
was summarized (and linked to) here:
http://technews.acm.org/archives.cfm?fo=2009-05-may/may-15-2009.html#412080
I think this
neat.
On Fri, May 15, 2009 at 11:49 AM, Mike Schwartz schwa...@acm.org wrote:
This article:
http://www.technologyreview.com/computing/22652/
((A Blueprint to Stop Browser Attacks
A software layer protects against cross-site scripting attacks.))
was summarized (and linked to) here:
Yes, good call, and the content is excellent!
Thanks for the submission; it's IMPORTANT to realize that WE ALL MUST BE
SECURITY EXPERTS; when one is essentially carrying a technology with great
security potential, you don't require your local SECURITY GUY to shoulder
responsibility for it's USE.
On May 15, 2009, at 12:34 PM, Lisa Kachold wrote:
it's IMPORTANT to realize that WE ALL MUST BE SECURITY EXPERTS
Who is 'we'? Programmers/admins/hackers, or the general public?
PGP.sig
Description: This is a digitally signed message part
---
given Lisa's previous rants I'm thinking both, and she would be right.
it is in everyone's best interest to be vigilant.
On Fri, May 15, 2009 at 12:56 PM, Alex Dean a...@crackpot.org wrote:
On May 15, 2009, at 12:34 PM, Lisa Kachold wrote:
it's IMPORTANT to realize that WE ALL MUST BE
Vigilant, but not paranoid. XSS exists for a reason. A better solution
IMHO would be to require the remote content to be signed by a particular
source or something along those lines. Just my 2 cents.
On Fri, May 15, 2009 at 1:30 PM, Stephen cryptwo...@gmail.com wrote:
given Lisa's previous
just because one is paranoid does not mean they are not out to get you :-)
On Fri, May 15, 2009 at 1:38 PM, James Mcphee jmc...@gmail.com wrote:
Vigilant, but not paranoid. XSS exists for a reason. A better solution
IMHO would be to require the remote content to be signed by a particular