To Customer Support To Customer Support

Holey? COWL! Boffins build boxes to hold sketchy JavaScript libs

  • 7 October 2014
  • 1 reply
  • 180 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

Worried password_leak_hehe.js is going to spill your precious beans? Well, never fear...

By Iain Thomson, 7 Oct 2014  Researchers have developed what they say is a new web privacy system for Google Chrome and Mozilla Firefox: we're told it blocks dodgy JavaScript code from funneling sensitive information to crooks.
The Confinement with Origin Web Labels (COWL) system tries to protect websites that rely on JavaScript libraries written by third parties – libraries that could be secretly copying passwords and other vital data from webpages to crims.
 These errant libs could have been badly designed, poorly implemented, deliberately written to be malicious, or compromised by hackers tampering with the source code.
 
Full Article

1 reply

R
Rank
Userlevel 7
A good point brought out about that developers simply shouldn't use unaudited or sketchy-sourced code in production, This issue in a prior thread was brought up by using third party apps. In other words go to the source before adding on or as a developer before production starts.

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.