Ain't it incredible how any article about problems with some OS or browser always leads to tedious and stupid arguments about "my OS/browser is better than yours"?
So before writing something like that, please consider such comments only make you look stupid.
Another things that makes you look stupid is to confuse Java and JavaScript - they are NOT related! If you don't understand their respective technology, then just assume Java is secure and JavaScript ain't!*
Alright, now lets take a better look at what this is really about...
Do you know any OS/browser which haven't suffered a arbitrary code execution JavaScript exploit?
Lynx on OSX ain't, but that is probably because it doesn't have support for JavaScript and neither because the Internet Software Consortium is a hell of a lot better than most guys at writing software nor because it is run on OSX.
No one have yet managed to create a secure JavaScript interpreter, thus the only conclusion one can really draw from this kind of news is that the guys within static analysis and program verification should receive more funding. ;-)
Oh well, the real conclusion should probably more along: "JavaScript sucks".
*: And nothing is absolutely secure - this is from a architectural point of view.
Register
Javascript is inherently insecure - apparently
Ain't it incredible how any article about problems with some OS or browser always leads to tedious and stupid arguments about "my OS/browser is better than yours"?
So before writing something like that, please consider such comments only make you look stupid.
Another things that makes you look stupid is to confuse Java and JavaScript - they are NOT related! If you don't understand their respective technology, then just assume Java is secure and JavaScript ain't!*
Alright, now lets take a better look at what this is really about...
Do you know any OS/browser which haven't suffered a arbitrary code execution JavaScript exploit?
Lynx on OSX ain't, but that is probably because it doesn't have support for JavaScript and neither because the Internet Software Consortium is a hell of a lot better than most guys at writing software nor because it is run on OSX.
No one have yet managed to create a secure JavaScript interpreter, thus the only conclusion one can really draw from this kind of news is that the guys within static analysis and program verification should receive more funding. ;-)
Oh well, the real conclusion should probably more along: "JavaScript sucks".
*: And nothing is absolutely secure - this is from a architectural point of view.