Security and Javascript

MJ Ray mjr at
Sat Jun 29 14:39:35 UTC 2013

On 29/06/13 14:10, Otto Kekäläinen wrote:
> I am not afraid of JavaScript. If we look at the security record of
> many browser related technologies, almost all security issues where
> somebody has managed to privilege them self up to the OS level from
> the browser sandbox has been related to Active X, Java applets or
> Flash.

Is the above true?  It certainly goes against the impression I get from
sites like even if some of them are
using javascript to trigger other types of attacks like user-assisted
ones where they make things look like a legitimate-but-confusing system

But please remember, almost no-one is suggesting campaigning against all
javascript - just that users should be given more control with good free
software like noscript.

Hope that explains,
MJ Ray (slef), member of, a for-more-than-profit co-op supporter, web and library systems developer.
In My Opinion Only: see
Available for hire (including development) at

More information about the Discussion mailing list