Yahoo Gets Trashed By Users »
« Yahoo! Performance Engineers discuss what the 80/20 Rule Tells Us about Reducing HTTP Requests

Does AJAX cause a larger “Attack Surface”? No.

Written by on December 3rd, 2006 in Ajax News.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

What Hat Security digs deep into the mess of “Ajax is insecure” hype with their article on Myth-Busting AJAX (In)security.

They discuss:

  • Does AJAX cause a larger “Attack Surface”? No.
  • Does AJAX make the “Attack Surface” harder to find? Yes and No.
  • Can AJAX cause “Denial of Service”? Not really.
  • Does AJAX rely on client-side security? No.
  • Does AJAX lead to poor security decisions? Sort of.
  • Does AJAX make Cross-Site Scripting (XSS) attacks worse? I hope not.
  • Does AJAX change security best practices? No.

Does this article exhibit common sense? Yes. Does it answer its own questions like Donald Rumsfeld? Yes.

Source: Ajaxian
Original Article: http://ajaxian.com/archives/does-ajax-cause-a-larger-%e2%80%9cattack-surface%e2%80%9d-no

Leave a Reply

You must be logged in to post a comment.


Site Navigation

Pages

Recently

Archives