"Doublethink Approval Kit" by Ministry of Truth & Pozilla
Cecilia Tanaka Sun Jan 28 16:38:33 PST 2018
give a really good technical answer to my friends, please? <3 Technically, jewscript allows the execution of arbitrary code. Game Over.
On 29/01/2018 09:32, JewSA wrote:
Technically, jewscript allows the execution of arbitrary code. Game Over.
Javascript can be, and should be, compiled into caja, which is a safe subset of Javascript. Unfortunately, this solution is only available for servers, not end users. The caja subset of javascript has no access to the dom, and runs in a sandbox. So it can only screw things that you put into the sandbox. I would like to see an end user caja system that constrains java on arbitrary web pages so that it can only tinker with its own web page, talk to the server whose address appears on the url line that you see when looking at that web page, and has no knowledge of anything about your computer except the clicks on that web page and text you have typed into that web page. Which was how javascript was originally supposed to work.
On 01/28/2018 07:08 PM, jamesd@echeque.com wrote:
I would like to see an end user caja system that constrains java [...]
Which was how javascript was originally supposed to work.
Please do not confuse Java and JavaScript. The only relationship between the two is that Netscape paid Sun to license the Java trademark to what was previously known as LiveScript. (This was back when Netscape and Sun still existed as separate companies, mid-1990s or so.) -- Shawn K. Quinn <skquinn@rushpost.com> http://www.rantroulette.com http://www.skqrecordquest.com
On Jan 28, 2018 22:27, "Shawn K. Quinn" <skquinn@rushpost.com> wrote: On 01/28/2018 07:08 PM, jamesd@echeque.com wrote:
I would like to see an end user caja system that constrains java [...]
Which was how javascript was originally supposed to work.
Please do not confuse Java and JavaScript. The only relationship between the two is that Netscape paid Sun to license the Java trademark to what was previously known as LiveScript. (This was back when Netscape and Sun still existed as separate companies, mid-1990s or so.) Oh, Shawn, my dear, thank you a lot! <3 Wow, I do need to study coding really hard this year or consider seriously the 'harakiri' option, uff... Both will be pretty painful, ouch! :((
Sea sea no need to spend unnecessary time learning JavaScript and reinventing wheel xss BeEf > Metasploit Is a fav embedded video and pics 404 redirects you no the deal lol Empire for Winblows John knows how it works he hooked me once or was that you -------- Original Message -------- On Jan 28, 2018, 5:41 PM, Cecilia Tanaka wrote:
On Jan 28, 2018 22:27, "Shawn K. Quinn" <skquinn@rushpost.com> wrote:
On 01/28/2018 07:08 PM, jamesd@echeque.com wrote:
I would like to see an end user caja system that constrains java [...]
Which was how javascript was originally supposed to work.
Please do not confuse Java and JavaScript. The only relationship between the two is that Netscape paid Sun to license the Java trademark to what was previously known as LiveScript. (This was back when Netscape and Sun still existed as separate companies, mid-1990s or so.)
Oh, Shawn, my dear, thank you a lot! <3
Wow, I do need to study coding really hard this year or consider seriously the 'harakiri' option, uff... Both will be pretty painful, ouch! :((
On Jan 28, 2018 22:08, <jamesd@echeque.com> wrote: Javascript can be, and should be, compiled into caja, which is a safe subset of Javascript. Unfortunately, this solution is only available for servers, not end users. <SNIP> Thank you very much for the unexpected, but sincerely much appreciated answer, James. :) Well, now let's wait for the TTC Team's answer... Usually, they are pretty cute! <3
participants (5)
-
Cecilia Tanaka -
jamesd@echeque.com -
JewSA -
rooty -
Shawn K. Quinn