How to break web applications.
I’m watching a video on my new iTouch about how to break web
applications, and it presented the idea that Javascript is the same as
stack overflows which are also the same as getting free phone calls by
whistling a note into a payphone…
They're all examples of bad things happening when you intermingle code
(javascript/return addresses/command tones) and data (html/arrays on
the stack/your voice). I guess it’s sort of expensive to set up two
connections for every connection, but that seems to be the only way to
avoid stuff like this, which has apparently been happening for
years.
I don’t think there’s a lot I can do with this new idea, but it seemed interesting, so I figured I’ld record it for posterity.