JavaScript and Cookies enabled in Browser

To: debian-security@lists.debian.org
Subject: JavaScript and Cookies enabled in Browser
From: dfroien3@netscape.net (Don Froien, III)
Date: Fri, 20 Aug 2004 09:20:13 -0400
Message-id: <[🔎] 23FEDF72.069B6CAB.0096453E@netscape.net>

I was recently in a meeting where members of the IT group propose to use a utility called WebEx to perform remote compiles.  Webex offers SSL encrypted transfers and the ability to offer only selected members to the meeting (remote compile in this case) and offers the transfers over https (port 443).   The issue I see with this approach is that WebEx uses a browser interface that requires the browser to have Java Script and Cookies enabled.  I have always been under the impression that those two items were considerable security issues.  Does anyone know of any URL's or downloadable papers that will strengthen my argument against this approach?   I believe a VPN solution to be more appropriate, but am being told that the WebEx approach is more secure.  If anyone knows a reason that this approach is secure, please advise also.  Thanks


__________________________________________________________________
Switch to Netscape Internet Service.
As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register

Netscape. Just the Net You Need.

New! Netscape Toolbar for Internet Explorer
Search from anywhere on the Web and block those annoying pop-ups.
Download now at http://channels.netscape.com/ns/search/install.jsp

Reply to:

Follow-Ups:
- Re: JavaScript and Cookies enabled in Browser
  - From: Daniel Pittman <daniel@rimspace.net>

Prev by Date: Re: sshd: Logging illegal users
Next by Date: Re: Official security support for sarge
Previous by thread: Fredo Strüber/HV/Maritim ist außer Haus.
Next by thread: Re: JavaScript and Cookies enabled in Browser
Index(es):
- Date
- Thread