To answer both you and Henrik...

I still see plenty with javascript disabled (even on the cnn.com and powerext.com site). I hit scores of sites a day searching for information on open source solutions and general help. Many of them are overseas and from places I haven't ever heard of so yes, I always scan the list of blocked javascript powered feeds and references from other sites. I never enable tracking sites and "feeds" from other sites until I know what they are. My caution stems from attending and receiving certification in secure programming. Once you see how trivial it is to compromise a PC on the Internet, a little caution helps me to sleep better. It is like the difference between giving your PC an external IP with no firewall and putting your PC behind a "filter" of a firewall and NAT'ing. Why ask for trouble by leaving your PC exposed to the Internet? The same applies to your browser. A little filtering costs very little and can save you the hassle of being compromised. Maybe since I deal with customers who have inadvertently strayed into an ugly web site and gotten "powned", I have gotten more cautious.

Mobile devices are even more scary (IMHO). "Secure Internet transaction" is nearly an oxymoron. "Secure Mobile transaction"? The bad guys are betting that you buy into that fiction......

Pete Helgren
www.petesworkshop.com
GIAC Secure Software Programmer-Java

On 1/28/2013 4:16 PM, Kevin Turner wrote:
15 years ago I would have agreed with you Pete.

Your average Joe using the Internet these days wouldn't even know what JavaScript was let alone why or how to disable it.

Are you seriously saying you do a full analysis of the JavaScript functionality on a new website before allowing it? Wow! You either need a medal, or psychiatric help:)

How do you perform this analysis when using your mobile device(s), or do you steer clear of those?


This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].