JavaScript Causes Security Concerns{0}
Websites have become more interactive thanks to JavaScript, but many are concerned that this scripting language can cause so security issues. Web 2.0 has allowed Websites to create a better user experience, and JavaScript takes advantage of this. Malicious JavaScript and Web site security flaws can lead to a security attack. JavaScript is a scripting programming language that was created in 1995 and is best known for its use in Web sites. Although the name has Java in it, it is not the same as Sun Microsystems’ Java .Now with Web 2.0 Web sites have become more interactive and a programming technique called AJAX has introduced more JavaScript in Web sites. David Wagner a computer science professor at the University of California Berkeley, said that JavaScript creates a major disaster because of its can be used in malicious ways. There have been a number of worms that have been created using JavaScript. A malicious script could be embedded in a Web pages and run on their own without the user even knowing. Malicious script could even be placed in Web sites through a flaw know as cross-site scripting. The best way to avoid malicious JavaScript is to disable JavaScript on your browser; the only problem with this is that a lot of Web- Sites won’t run correctly with JavaScript disabled. It is the responsibility of Web site operators to validate the JavaScript they use and try to avoid cross-site scripting. Malicious JavaScript has been around for a while but it has not been a major security until recently because of Web 2.0 and AJAX have made JavaScript a popular language to create interactive Web pages.
It was interesting to read that many computer experts agree that JavaScript is bad because it can expose your computer and network to malicious scripts that can be used for malicious purposes. Yet it is a popular language that is used in many Web sites.
I always thought that Java and JavaScript were related but they are not. They are similar and different at the same time. JavaScript contains smaller and simpler commands then Java. JavaScript is geared specifically to web pages.
Evers, Joris. (July 2006) FAQ: JavaScript insecurities. CNET News. Retrieved October 29,2011 from http://news.cnet.com/FAQ-JavaScript-insecurities/2100-7349_3-6100019.html?tag=contentMain;contentBody;3n