Hackers exploit poor website code

Hackers exploit poor website code

Tom Warren on 14 April 2008 - 12:31 · 8 comments & 6491 views

Advertisement (Why?)

Web designers making very old mistakes are letting malicious hackers hijack visitors to their sites, say experts. Many of the loopholes left in the code created for websites have been known about for almost a decade say the security researchers. The poor practices are proving very attractive to hi-tech criminals looking for a ready source of victims.

According to Symantec the number of sites vulnerable in this way almost doubled during the last half of 2007.

Kevin Hogan, director of security operations at Symantec, said the bug-ridden web code was putting visitors to many entirely innocent sites at risk. "It overturns the whole notion that if you stay away from gambling and porn sites you are okay," he said. The attack that a malicious hacker can carry out via these web code vulnerabilities is known as cross-site scripting (abbreviated as XSS).

View: BBC News

About the Author

Full name: Tom Warren
User name: Tom W
Contact: via forum PM
Submissions: View All
More: View Bio New!

Post a comment · Send to friend Comments · There are 8 additional comments

(2 replies) #1 ste on 14 Apr 2008 - 12:39

whats with the double line spaces and the lack of grammar.

#1.1 Twisted Chaz on 14 Apr 2008 - 12:55

It's not double line spacing, BBC usually write very short brief sentences. Can't see that many grammar mistakes.

#1.2 peachey on 14 Apr 2008 - 13:23

Try single line spacing, and the article isn't really written in paragraph form and more dot point form.

#2 shaunld on 14 Apr 2008 - 13:04

XSS attacks are neutered by Firefox + NoScript. Of course if trusted sites are affected by shoddy coding, then no browser (IE 7 Protected Mode?) can save you.

(1 reply) #3 C_Guy on 14 Apr 2008 - 15:20

"It overturns the whole notion that if you stay away from gambling and porn sites you are okay,"

Ahhh, Symantec at their finest. Only a moron thinks that every site that's not porn or gambling is safe.

Seriously, how do these people get jobs????

#3.1 Xenomorph on 14 Apr 2008 - 15:23

(C_Guy said @ #3)

I wonder if it was just an attempt by a religious group trying to get their message across.

Obviously visiting any gambling, porn, or abortion-related sites will destroy your computer. God does this because you deserve punishment for your wicked ways.

#4 Xenomorph on 14 Apr 2008 - 15:20

When were porn or gambling sites dangerous?

Who the hell ever told someone that "if you want to be safe, stay away from those evil porn and gambling sites!" ??

Lazy and ignorant people are un-safe. It doesn't matter what kind of sites they visit.

#5 ahhell on 14 Apr 2008 - 20:23

I bet Symantec has a product that can protect me from those dangerous sites.
Off to Symantec.com.

La la la la.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)

Neowin.net

Hackers exploit poor website code

Share this Article

About the Author

Related news