[CentOS] C5 : Firefox 38 bug
Always Learning
centos at u64.u22.net
Fri Jun 12 23:50:03 UTC 2015
On Fri, 2015-06-12 at 14:38 -0600, Warren Young wrote:
> The main point of blocking JavaScript is that it throws a spike strip
> in the path of many other types of attacks. For instance, a Flash
> exploit often relies on some JS probing code to run before it can run,
> so blocking JS provides a second layer of protection while you’re
> waiting for Adobe to get around to patching the Flash plugin.
Never had Flash (Macromedia or Adobe) on any computer system - Windoze
3, 95's and 98 (my last) or on Centos. Prefer to miss something
requiring Flash. Now FF 38 has HTML5, I can view YouTube for the first
time ever. Other European countries official sites seem to use MP4
which FF's mplayer add-on displays.
> There is some minor evil possible directly from JavaScript. Some examples:
>
> * A script can probe your surfing history by dynamically generating
> hyperlinks in a hidden browser DOM, then checking how the browser
> styled those elements to infer whether you’ve clicked on that URL
> before. It’s a brute-force kind of thing, so it’s not too serious in
> practice, but it is a privacy leak.
History, cookies etc. are deleted every time FF closes. Whilst FF is
running they are on a RAM disk.
Thanks for the input.
--
Regards,
Paul.
England, EU. England's place is in the European Union.
More information about the CentOS
mailing list