|
Title: Ajax developers playing with fire Post by: Admin on October 08, 2006, 06:48:19 PM The rise of Asynchronous JavaScript and XML (Ajax) applications is exposing enterprises and end users to a new series of security threats, but developers are insufficiently aware of the risks. "We are seeing a rise in web application attacks because people are realising that it is easier to go through the Web application," Billy Hoffman, a lead security researcher with Spi Dynamics, told vnunet.com. "There is all sorts of money to be made in Web security," Hoffman said at the AjaxWorld conference in Santa Clara, California. "It is often easier to attack an application through the web layer than by trying to break through the firewall or spoof around the intrusion detection system. Criminals take the path of least resistance." From the end-user perspective, Ajax is a programming technique that allows websites to pre-fetch data and facilitate more interactive websites.
|