Security a Concern As HTML5 Advances 234
Trailrunner7 writes "Every technology innovation has its coming out party, and Google Inc.'s recent 'dancing balls' logo experiment was widely interpreted as a high-impact debut for HTML5. But web security experts are warning that the sprawling new web standard may favor functionality over security, enabling a new generation of powerful web-based attacks. They agree that there are security enhancements in HTML5, but all expressed the same concern: that the new specification will greatly increase the 'attack surface' of HTML — providing more avenues by which malicious code can be delivered through the web. 'HTML5 has an enormous amount of functionality. The (specification) is just huge,' said Jeremiah Grossman of security firm WhiteHat. The breadth of the new specification gives him concern. 'I know that we're still finding vulnerabilities in HTML4,' Grossman said."
Re:Dancing balls? (Score:4, Funny)
Time to retire the C64 and cradle modem bro
Re:As opposed to what? (Score:1, Funny)
And even if you stay off the internet, you can still get herpes.
Re:Dancing balls? (Score:3, Funny)
Re:Dancing balls? (Score:3, Funny)
Coming soon, CERT® Advisories for HTML (Score:1, Funny)
CERT® Advisory CA-2012-01 HTML5 Vulnerability ... we recommend disabling HTML until the fix is installed.
Re:Dancing balls? (Score:2, Funny)
Maybe not so much.
From the HTML 5 spec:
16.2.7.1 Dancning balls shall be supported.
16.2.7.1.1 Non-graphical browsers shall support curses like, text based dancing balls.
16.2.7.1.2 Any browser unable to display dancing balls shall be immediately redirected to MySpace.