Richard Cornford wrote:
drclue wrote:
>Richard Cornford wrote:
>>Web site security is largely a matter of exercising and keeping
control where you have control, on your own servers. Letting a
third party inject scripts on the client is sufficiently risky to
make loud assertions of honesty, responsibility and safety
made by the providers of those scripts insufficient justification
for using them.
So let's all ditch our on-line banking , throw out the googlemaps,
turn off our javascript and join our friends huddled in an
undisclosed location, crying loudly about weapons of mass
destruction. :)
Why? Serving scripts from our own servers (and so being certain of what
will be in them) is hardly arduous.
It certainly would appear an arduous attitude
to jump out the box painting our efforts with such a broad brush.
All the scripts in LAMPjack are delivered from our LAMPjack servers
which makes a certified LAMPjack about as dangerous as a Googlemap.
In order to even develop, submit or use a LAMPjack script,
one has to have a verified account and the appropriate site and
session keys.
The target page would also have to cooperate by requesting
the infrastructure wLAMPjack.js and additionally
requesting specific functionality via class entry
<div class="wPoint_x xxx" /to even load a LAMPjack.
Any potential Ads would be injected in a fashion that precludes
cross domain scripting into the LAMPjack/Subscriber context,
as I agree that totally third party content needs to be caged.
Those third parties could also use LAMPjack, but only from their
own context, so those ads would only pose the same threat
as every other ad we see on the internet.
As to monitoring activities , even *YOUR* site logs every
request, right down to my IP address, so in order to avoid
log files we all need to give up using the internet at all
and/or hunker down in the dark nets and pay for fear by
the month, which still does not really protect anyone, but it sells.
As recent years demonstrate, fear sells well. ( A little Y2K anyone?)
Even 9/11 the horrific thing it was , has been abused
to sell hundred of billions of dollars in goods and services.
"commies" has been traded in for "terrorists " and
the lessons of McCarthyism have been forgotten as
the cost of 100% security is the 100% loss of freedom.
I give someone a news ticker , a googlesearch , perhaps
a membership tool , shopping basket or their local weather, and
suddenly we are talking global doom, so lets all hunker down
lock our doors and live in in abject fear, for the
quest of feeling totally secure.
Would a system not using LAMPjack be 100% secure? No.
The only system that comes close is one that's left in it's
shipping carton and never plugged in.
Even banks get hacked on an all to frequent basis,
so the idea is to make the security stiff enough
to exceed the value of the prize.
With a simple vise , a file , and a key, one can make
a master key for all locks of that type w/o ever seeing
the lock or the legitimate key, and so using your logic set
I could justify eliminating the benefit of doors , because
their locks can be opened by some high school kid
Was/Is security kept in mind? Of course.
Will there be challenges? Most certainly.
Are they insurmountable? Certainly not.
My belief is that cross-domain scripting can in conjunction
with server side tools provide a reasonably safe context
in which to conduct it's activities.