[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Mailing form



Gordon,

I did internal electronic/computer security for a LD company for 2 years. 
 So, I do think about the security risks.  But, do I condemn C or Pascal, 
because some hacker wrote a packet sniffer in that particular language? No, 
of course not.  So those that condemn javascript, which is a BETA language, 
need to understand that problems do develop.  If the risks of PERL, and 
they do still exist <G>, had been blown out of proportion like this has 
been, what would we all be using for our CGI? <G>

----------
From: 	Gordon McComb[SMTP:gmccomb@ix.netcom.com]
Sent: 	Friday, March 01, 1996 2:21 PM
To: 	javascript@obscure.org
Subject: 	Re: Mailing form

I guess the "smapping/e-mail stealing" aspect of this has some people
worried, and there have been a number of messaged condemning JavaScript for
it.  I don't think in hacker's terms so not only do I never think this 
stuff
up, I usually am clueless about the potential damage (until it happens to 
me!).

I agree that it's a nice way to do forms without need a form CGI script.
Fortunately I have a generic one at my site, and access to CGI, but not
everyone is so lucky...

-- Gordon


At 03:26 AM 3/1/96 +0000, you wrote:
>huh? what security risks? so, what other ways are there to do this
>then?  i dont have unix, cgi stuff, nor do i care to.
>
>it makes no sense to me... what can a hacker do to a form thats
>emailed to me that he cant do to me through regular email?
>
>oh well, paranoia fills time, i guess
>
>you know theres quite a security risk in giving your credit card
>number to someone over the phone, through the mail.... hell, even
>having a credit card on you.  so is life.

--------------------------------------------------------------------
This message came from the mailing list javascript. For help using the
mailing list software, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.




begin 600 WINMAIL.DAT
M>)\^(@$#`0:0" `$```````!``$``0>0!@`(````Y 0```````#H``$-@ 0`
M`@````(``@`!!) &`"@!```!````# ````,``# #````"P`/#@`````"`?\/
M`0```$L`````````@2L?I+ZC$!F=;@#=`0]4`@````!J879A<V-R:7!T0&]B
M<V-U<F4N;W)G`%--5% `:F%V87-C<FEP=$!O8G-C=7)E+F]R9P``'@`", $`
M```%````4TU44 `````>``,P`0```!<```!J879A<V-R:7!T0&]B<V-U<F4N
M;W)G```#`!4,`0````,`_@\&````'@`!, $````9````)VIA=F%S8W)I<'1 
M;V)S8W5R92YO<F<G``````(!"S !````' ```%--5% Z2D%605-#4DE05$!/
M0E-#55)%+D]21P`#```Y``````L`0#H!`````@'V#P$````$`````````],Y
M`0B !P`8````25!-+DUI8W)O<V]F="!-86EL+DYO=&4`,0@!!( !`!$```!2
M13H@36%I;&EN9R!F;W)M`(8%`06 `P`.````S <#``$`%@`!`#<`!0`J`0$@
M@ ,`#@```,P'`P`!`!4`. `B``4`2P$!"8 !`"$````U,#<R04%#-$$P-S-#
M1C$Q045!1#0T-#4U,S4T,# P, #Z!@$#D 8`T <``!(````+`",``0````,`
M)@``````"P`I```````#`#8``````$ `.0``"VB=Y >[`1X`< `!````$0``
M`%)%.B!-86EL:6YG(&9O<FT``````@%Q``$````6`````;L'Y)U&Q*IR47.@
M$<^NK41%4U0`````'@`># $````%````4TU44 `````>`!\,`0```!,```!S
M9F5A=&AE<D!D<V-G82YC;VT```,`!A!442V?`P`'$#(&```>``@0`0```&4`
M``!'3U)$3TXL241)1$E.5$523D%,14Q%0U123TY)0R]#3TU0551%4E-%0U52
M25191D]204Q$0T]-4$%.649/4C)914%24U-/+$E$3U1(24Y+04)/55142$53
M14-54DE465))4TM3``````(!"1 !````6@8``%8&```$"P``3%I&=><:\Z+_
M``H!#P(5`J@%ZP*#`% "\@D"`&-H"L!S970R-P8`!L,"@S(#Q0(`<')"<1'B
M<W1E;0*#,W<"Y <3`H!]"H (SPG9._$6#S(U-0* "H$-L0M@X&YG,3 S%% +
M"A11I0OR8P! ($<%L&0"( 8L"H4*A4D@9&ED'B +@!/0!* '0"!E;$T%D'0#
M8 ,`8R\%H&U4<'4<P2 1L&,(<70,>2 "$ 7 82!,1)X@'>(`<![D$>!Y91&1
M)"X@!@!O+!PR;R#T=&@+@&L?, ;@'B A<:9E'F@%$'-K(+)"'B"O(1 A41Q 
M!:!N#;!M`Z#D0R %L5!A!/ '0"$0\F(%D&%U$; >8 -P(F#I$8!C:QY!=P-@
M$] ?,?<*L"9Q!4!S`P`-T!Y!"X"M(7%A!4 *L70=L'4+8(,%P!CR=6%G93\'
ML+DA`6]F'X$(<"71;B;@.R##(7%O)=$H8R0V:F'N=B41!1(A$'<AD!%P')##
M!" ?0$)%5$$I5R$0UFX)X!R ="%@=211$:#_`9 D4"A5`V "8!/@!" A4:4-
ML'8=,&]P(,%)*E"'(D(C$RHR4$523"$0?2_T91[@(5$3P ,0'1%XXP0`!4 \
M1SXA$!& '(#O)8 )\"5P%:!W`Z B`BI!M3"!<!6Q:0(@*5!I)H!_(7($(!& 
M!" U4BU"*(%W]0A@;!R =R<!-#$E@"]PGP"0&1 >\PAA)*!'22G@CS3!&\8*
MBS<@,3@P`M'@:2TQ-#0-\ S0/0,Y"UDQ-@J@)M(=8" M7S\G"H<]VPPP/J9&
M`V$ZWT N/J8,@AKE!=!C"% &T !;4TU44#IG;8)C'>%B0&EX+B\`ZG0=X2X=
MX5T_ST#=!F"?`C!"#T,;0< <<&%Y(1 F30K +9$P,2$0,3DD.38@0#HR&M!0
M37-&?T#=5&](OT,;+*A IS"@!/ (<&4N!;!G3']Q1XYU8FH=44Z?0QM2WF54
M0$L0`Q YU6T[+SPS_#,V/:<:13ZF'$ ID >0DP0@(D(B<P# <' YT?@O92T`
MP ,1$\$'0#G1\B(?,'-P/N(J03=W)@-?7+ QD!U "H4XL'((@60_,R<6$"9!
M,6 U1!] ;G7O!M >02I!!X%S*;$<@"0U]3G22BRQ4P4$'P$*A1[ \S&R(4%N
M)R(B(:(H,294?B=:@020,.$F`"K2),!N_FPSLQQ +P`Q8 7 (80W<\T3P'4-
MT J%=7 A$B7 YRF@-# >X&%M'X *01U _P01(>@VH!/0`C ',1Q0:A#Y*;$@
M*"^ -!%C\29!6R"/"?!:@2%@!X A*2X;;O\IL G1*%0>P&7!8+$=L")@_G=*
MT"]"(5%6X@0@`_ K<?\B$2\#'T!6XCJ"'F %`VX6_D85L2^ *( =,![@'$!@
M$^\?0"G +P`%$&-FL2<!!4#^;1[@`) 3T#,D`-!P8%IR?R%@.I$E87'B)N *
MA6=R>9]UPFA"(6 *0"9P>2YZ$-\;;#\@&N4;; J%005 &4 #3!!+X$%-(#,O
M,7HO2]$K/* \H"$0>1!UA2:T.@J%/FAU:"G@_SAC(HPIX"8`.$4FX%_!<()_
M+=%?X5^T<-0W<W]&(D%N_RG@')!D8FT"8#$O@$60(1#\8V>$X&AS+N$%L2%1
MA.#_)3"#$R# ?T9_1FSQ`, F@/\$("K@'F$`@(,C!X!Z$3A4_R4P8)(F52%2
M(6!R92AB@]C_$^!6<2\D)B$H8R)1BM$%0.>+I(X#`V!U9RV@%A ID.LI(HU3
M/X?>;RV@.1 T,/<A$ JQ`'!O!S >\#0A6H&_!W$A$(3@6D.'WGZB:RK@YP?@
M7[,$('%U=G$?,2*+^R@BAA!V.=)^H07 !0`)@/]L\8=!'(!_1F#5+U$F`G7"
M_F]GA%WQ*X O`"$0CY8B0O];HGH1(, B4))",5$#H']'_RRP.=(?0)B:-O%^
MH2#!9E'_+<$W("?P>C^A_Z,/I!^E'?T*A50W@F%UAS$F(0-2G&=_.=(W(#21
M+*@@P'/QG3)P_SFE(D$*A:A+)@`!@'"0%A!_DF$=0"40(F)VTJ;7+U$GW0# 
M:AL"!&!1&B=>=G&A5YQDIO4&X&0>X">J$B?_(,!.<"]Q::!1,040)8 A$/^M
M3PJ%KF^O=+ _L46R62R9?['P>[]7SUC?/N(*A14Q``&], ```P`0$ `````#
M`!$0`@```$ `!S#@);#=XP>[`4 `"##@);#=XP>[`1X`/0`!````!0```%)%
(.B `````+7D`
`
end

--------------------------------------------------------------------
For help about the list, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.
List archives and pointer to FAQ: http://www.obscure.org/javascript/