Subject: | |
From: | |
Reply To: | |
Date: | Sat, 19 Jan 2013 12:06:12 +0100 |
Content-Type: | multipart/signed |
Parts/Attachments: |
|
|
Am 19.01.2013 02:26, schrieb Todd And Margo Chester:
> Hi All,
>
> With all the security problems in Java right now, does
> anyone know if HTML5 will eventually sub for Java?
>
> And, will HTML5 have its own list of prodigious security
> problems?
>
> Many thanks,
> -T
HTML + javascript had its own share of broken sandboxes just like java.
Not to forget cross site scripting, cross site request forgery, session
ID theft and so on. With HTML5, WebGL was introduced as another major
feature that comes with its own boatload of security issues.
We've also seen security issues in pdfs, jpegs, pngs and so on. It's not
that the java exploits are extraordinary. It's just that
a) Because oracle is just about the only distributor of java runtime
environments these days, if there is an exploit, everyone is affected
while other web exploits are often limited to a single browser.
b) Oracle's handling of these issues seems ... sub-par, to say the least.
Regards,
Florian Philipp
|
|
|