Programming Tutorials

JavaScript Security

By: aathishankaran Printer Friendly Format    

As a web content developer and as a user, the Internet Security Threats that you face depend on who you are and what you have to Protect.

For example, if you are the Webmaster for a high-profile Organization, such as the CIA or the U.S. Department of Justice, Then you'll be the target of all those hackers merely for the Challenge you present; many hackers want the fame associated with Penetrating one of the big people. Even if you're Website is not in the hackers "Top 40," if it is not well protected, it may be penetrated just because it is an easy target. 

If your Website is involved with any type of financial transactions or controls any valuable assets, directly or even indirectly then it could be the target of a more professional type of Criminal than the recreational hacker. These cyber thieves may try to penetrate your Web site in order to get access to such Things as credit card numbers, software, sensitive information, Or physical assets, such as products that may be purchased through your Website. An attack on your Web site may be the first stage of a concerted Attack on your organization as a whole. 

If your Web server is inside your organization's firewall, then a penetration of your Web server could lead to a serious security breach of site- Internal networks. If your Web server is outside your organization Firewall, then an attacker may attempt to install clandestine software to monitor network traffic at the firewall's external interface. 

Due to the growing importance of the Web to commerce, a company's ability to conduct business can be affected by attacks on its Web site. While most businesses don't prey on each other through the Internet, a third party could manipulate a company's Web presence to reap financial gain. 

Threats to the Web User 

The security threats faced by the individual user are somewhat different than those of the Webmaster. First of all there isn't much prestige in breaking into someone's PC. This rules out some, but not all, recreational hackers. If someone wants to get access to your PC, then it is probably someone who is intent on collecting information about you or sabotaging the data on your PC. This special someone could be an acquaintance, a competitor, or anyone else who has an interest in knowing or stopping what you're doing. Due to the rise of electronic commerce on the Web, some electronic pickpockets have surfaced. These smalltime cyber thieves snoop on users' PCs in order to collect credit card numbers, passwords, and information that can be used to forge digital certificates. 

Most indiscriminate attacks on individuals come in the form of malicious software, such as viruses-yes, they are still out there. Future attacks will probably include executable Web content (JavaScript, Java, ActiveX) and executable e-mail, such as that provided by Netscape Messenger, Outlook, and other mail programs.