//
you're reading...
Geek Stuff, Rants, Security

JavaScript Malware(!?)

Last December 7th, Tom Liston, a Senior Security Consultant at Intelguardians, submitted a post to the Diary of the Internet Storm Center.

While I agree that the code was not very smart but what is particularly amusing (or annoying) about this post is that he refered to JavaScript as a “toy language” and JavaScript programmers as “wanna-be-big-boy-programmers”.

Has this guy seen what JavaScript can do? Does he not know the power of Firefox extensions completely written in JavaScript? For a Security Specialist, he seem a bit out of place running a “toy browser” called Internet Explorer. I know most professionals in this field use the big boy’s browsers: Firefox, Opera and Safari.

Turns out, it was the JavaScript jockey who wasn’t so clever. Dude…
if you’re out there and reading this, take some notes, ok? You can’t
access a string using array notation: “a[c]” doesn’t work. Here’s how
you fix it: you need to replace “a[c]” with “a.substr(c, 1)”

Now, it is safe to confirm that he is indeed using IE. Because he is correct, you cannot access a string using array notation in IE. It doesn’t necessarily mean that if something doesn’t run on your browser, it will fail in all other browsers because array notaion works perfectly with Firefox and Opera. Tried, tested and proven. πŸ˜›

Advertisements

About princess of antiquity

Abbi Cabanding is a member of the Security Bloggers Network and had been blogging on information security since 2006. She is also a member of the Association for Computing Machinery. She studied Computer Science and Fine Arts at the University of the Philippines - Diliman.

Discussion

2 thoughts on “JavaScript Malware(!?)

  1. Hey Abbi…

    Just an FYI – I tagged you in a game of blog tag.

    http://www.episteme.ca/index.php?/archives/196-Blog-Tag-Top-Ten-Security-Trends-for-2007.html

    I figured you’d have an interesting perspective.

    -Mike

    Posted by Mike Murray | December 19, 6:37 am, 6:37 am
  2. Thanks, Mike! πŸ™‚

    I’ll be posting it soon. πŸ™‚

    Posted by abbi | December 20, 11:36 am, 11:36 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Sin of Silence E-Book


SIN OF SILENCE:
THE STORIES OF OUR DAYS
download:
single-page view
two-page view

On Wordpress

  • 94,967 readers

Subscribe via FeedBurner

Enter your email address to receive notifications by email.

Princess of Antiquity on Twitter

Error: Twitter did not respond. Please wait a few minutes and refresh this page.

RSS Princess of Antiquity on Tumblr

  • An error has occurred; the feed is probably down. Try again later.

Creative Commons

Creative Commons License
Original content in this work is licensed under a Creative Commons License.
%d bloggers like this: