Re: [LAU] New blog about Recording on Linux

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: <gnome@...>
Cc: <linux-audio-user@...>
Date: Saturday, October 1, 2011 - 7:59 pm

--0016e64bdb7a172bdd04ae422d96
Content-Type: text/plain; charset=ISO-8859-1

David

Thanks for that. I have done a little research and I am not sure that all
of the things you mention are as risky as you suggest. The OS you are using
does make a difference, as I understand it, because the JS exploit will be
downloading the malicious executable from a web site rather than actually
carrying out the exploit itself. Also, the malicious JS will need to
exploit a browser vulnerability - so if you keep you browser up to date
there should not be much risk; the malware writers find the vulnerabilities
from the browser authors when they plug the holes and issue and update.

Anyway, this is off topic really, I apologise and you're right there is a
risk. But I am happy to continue with JavaScript enabled on my computers.

Tony

On 1 October 2011 20:44, david wrote:

> Your OS makes no difference: malicious Javascript uses the browser as its

--0016e64bdb7a172bdd04ae422d96
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

DavidThanks for that.=A0 I have done a little research and I am not=
sure that all of the things you mention are as risky as you suggest.=A0 Th=
e OS you are using does make a difference, as I understand it, because the =
JS exploit will be downloading the malicious executable from a web site rat=
her than actually carrying out the exploit itself.=A0 Also, the malicious J=
S will need to exploit a browser vulnerability - so if you keep you browser=
up to date there should not be much risk; the malware writers find the vul=
nerabilities from the browser authors when they plug the holes and issue an=
d update.
Anyway, this is off topic really, I apologise and you're right ther=
e is a risk.=A0 But I am happy to continue with JavaScript enabled on my co=
mputers.TonyOn 1 October 2011 20=
:44, david <gno=
me@hawaii.rr.com
> wrote:
Your OS makes no difference: malicious Java=
script uses the browser as its platform, not the OS.

It's possible to Javascript to turn your browser session into a bot; it=
's possible to use Javascript to probe networks hidden behind routers a=
nd firewalls, identify targets and route target-specific attacks to those t=
argets; it's possible for Javascript to capture login IDs and passwords=
.

It's possible to use Javascript to track what sites you go to and what =
you do there - which is why Google says its OK to run Javascript. Their Goo=
gle Analytics tool requires Javascript. So if someone has Javascript turned=
off, Google doesn't get any tracking information to use and sell to th=
eir paying customers.

There's no need to require Javascript for site navigation.

Tony Austin wrote:

Is JavaScript so bad? =A0Why turn it off? =A0I am happy to have it on all t=
he time and the worries are much less under Linux. =A0It's not Java or =
ActiveX after all.

On 1 October 2011 10:34, Arve Barsnes wrote:

=A0 =A0On 1 October 2011 08:53, Lorenzo Sutton wrote:
=A0 =A0 > On 10/01/2011 04:14 AM, Ken Restivo wrote:
=A0 =A0 >>
=A0 =A0 >> On Sat, Oct 01, 2011 at 03:00:02AM +0200, Peter Crighton =
wrote:
=A0 =A0 >>>
=A0 =A0 >>> Hello list,
=A0 =A0 >>> I just wanted to let you know that I started a new bl=
og about
=A0 =A0 >>> Recording on Linux: http://linux-recording.blogspot.co=
m/

=A0 =A0 >>> The first entry (well, not counting the introduction =
here) is about
=A0 =A0 >>> using the Analogue Drums Big Mono drumkit with Hydrog=
en. Let me
=A0 =A0know
=A0 =A0 >>> what you think about the blog, any constructive criti=
cism is much
=A0 =A0 >>> appreciated!
=A0 =A0 >>>
=A0 =A0 >>
=A0 =A0 >> *sigh*, Google, doesn't anyone use HTML anymore?
=A0 =A0 >>
=A0 =A0 >> This is what that website looks like with JavaScript turn=
ed off:
=A0 =A0 >>
=A0 =A0 >> http://storage.restivo.org/misc/blogger.jpg
=A0 =A0 >>
=A0 =A0 >> I'm sure it's a fantastic blog, but, I dunno what=
Google has
=A0 =A0done to it.
=A0 =A0 >
=A0 =A0 > If truth be told it seems a problem with this particular blog=

=A0 =A0(which by the
=A0 =A0 > way seems a very cool idea ;) - other blogspot blogs seem to =
work
=A0 =A0with
=A0 =A0 > JavaScript turned off.
=A0 =A0 >
=A0 =A0 > I'm not a blogger user so I'm not sure what google pu=
ts in when
=A0 =A0you create a
=A0 =A0 > blog and what it leaves to the user. Maybe, the massive use o=
f
=A0 =A0JavaScript
=A0 =A0 > comes in for recently created ones?
=A0 =A0 >
=A0 =A0 > That said. Yes it seems that google is pushing more and more =
for
=A0 =A0the use of
=A0 =A0 > JavaScript see e.g.
=A0 =A0 >
=A0 =A0http://googlesystem.blogspot.com/2007/05/no-javascript-no-google-navigation.html
=A0 =A0 >
=A0 =A0It seems that, without allowing javascript from blogblog.com
=A0 =A0<http://blogbl=
og.com
> this
=A0 =A0particular blog doesn't work at all. Is that also owned by Goog=
le?

=A0 =A0Arve

--
David
gnome@hawaii.rr.co=
m

authenticity, honesty, community
_______________________________________________
Linux-audio-user mailing list
=
Linux-audio-user@lists.linuxaudio.org

http://lists.linuxaudio.org/listinfo/linux-audio-user

--0016e64bdb7a172bdd04ae422d96--

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
[LAU] New blog about Recording on Linux, Peter Crighton, (Sat Oct 1, 1:00 am)
Re: [LAU] New blog about Recording on Linux, Carlos sanchiavedraz, (Mon Oct 3, 7:03 am)
Re: [LAU] New blog about Recording on Linux, Jeremy Jongepier, (Sat Oct 1, 9:20 am)
Re: [LAU] New blog about Recording on Linux, Carlos sanchiavedraz, (Mon Oct 3, 7:04 am)
Re: [LAU] New blog about Recording on Linux, Jeremy Jongepier, (Mon Oct 3, 7:24 am)
Re: [LAU] New blog about Recording on Linux, Carlos sanchiavedraz, (Mon Oct 3, 3:20 pm)
Re: [LAU] New blog about Recording on Linux, Andras Simon, (Sun Oct 2, 2:04 am)
Re: [LAU] New blog about Recording on Linux, Ken Restivo, (Sat Oct 1, 2:14 am)
Re: [LAU] New blog about Recording on Linux, Atte André Jensen, (Sun Oct 2, 7:34 am)
Re: [LAU] New blog about Recording on Linux, Andras Simon, (Sat Oct 1, 12:25 pm)
Re: [LAU] New blog about Recording on Linux, Lorenzo Sutton, (Sat Oct 1, 6:52 am)
Re: [LAU] New blog about Recording on Linux, Leigh Dyer, (Sat Oct 1, 9:06 am)
Re: [LAU] New blog about Recording on Linux, Thomas Vecchione, (Sat Oct 1, 11:35 am)
Re: [LAU] New blog about Recording on Linux, Arve Barsnes, (Sat Oct 1, 8:34 am)
Re: [LAU] New blog about Recording on Linux, Tony Austin, (Sat Oct 1, 9:04 am)
Re: [LAU] New blog about Recording on Linux, Hartmut Noack, (Mon Oct 3, 6:30 pm)
Re: [LAU] New blog about Recording on Linux, Aaron L., (Tue Oct 4, 5:53 am)
Re: [LAU] New blog about Recording on Linux, Peter Crighton, (Thu Oct 6, 9:15 am)
Re: [LAU] New blog about Recording on Linux, david, (Sat Oct 1, 6:44 pm)
Re: [LAU] New blog about Recording on Linux, Atte André Jensen, (Sun Oct 2, 7:47 am)
Re: [LAU] New blog about Recording on Linux, david, (Sun Oct 2, 8:06 am)
Re: [LAU] New blog about Recording on Linux, Tony Austin, (Sat Oct 1, 7:59 pm)
Re: [LAU] New blog about Recording on Linux, sevol, (Sat Oct 1, 6:20 am)
Re: [LAU] New blog about Recording on Linux, Patrick Shirkey, (Sat Oct 1, 1:50 am)
Re: [LAU] New blog about Recording on Linux, Ronald Stewart, (Sat Oct 1, 1:05 am)