What are wrong with Scripted Languages? Especially, when they run in your browser? As Netscape's JavaScript does or Microsoft's JScript?
= By “a set of loose standards,” JavaScript (Netscape's) and Jscript (Microsoft's) are designed to be secure. Design Point: How do you keep them secure in a web browser?
- They are not allowed to read or write files.
- Also, disallowed from network communication.
- Lastly, unable to call other programs. (Why your browser auto-launching MS Outlook Express is bad. Because, bad site's will command [your old never updated & freebie junk] MS Outlook Express to open your address book, and send an email to everyone you know, with a virus, and clever message, to gain their trust (assuming it is you), and re-infect everyone else's computers, too.)
- Can you tell, I'm around too many people - unaware of this!?
- Perhaps, no one ever told them? Perhaps, no one ever really explained it? Perhaps, they simply presume computers are secure, and you "can do anything" / "visit anywhere," and not be concerned of being attacked. (Or opening unknown attachments - doesn't matter?)
- Sorry, this still isn't a proper excuse.
= There are all the technical details.
= So, why distrust Jscript? Because, “when an exploit is found,” and these bad site authors (evil hackers!) connect up with "tell this to everyone", (send such and such commands / wording) to infect PCs.
= There you are. Now, it's restore time.
= True, a “jump back” to the restore point can (usually) regain control.
- However, again, this should not be assumed to have fix / repaired the computer!!! It means you have an opportunity to back-up your files. If you don't? Then, "wait and watch," time will tell.
= How long, till it goes south, again, and then the “restore point” will not work.
Glen
PS. My apologies, for talking a bit strong.
