YOUR FEEDBACK
AMD Wants To Depose 486 People in Intel Case
AMD News Desk wrote: Contrary to what you may have read elsewhere, AMD has...
May. 9, 2008 01:06 PM
SOA World Conference
Virtualization Conference
$200 Savings Expire May 9, 2008... – Register Today!
Did you read today's front page stories & breaking news?
SYS-CON.TV: How Do You Minimize Unpleasant Surprises in Your Java Code? Guest Nigel Cheshire

SYS-CON.TV

2007 West
GOLD SPONSORS:
Active Endpoints
Your SOA Needs BPEL for Orchestration
BEA
Virtualized SOA: Adaptive Infrastructure for Demanding Applications
Nexaweb
Overcoming Bandwidth Challenges with Nexaweb
TIBCO
What is Service Virtualization?
SILVER SPONSORS:
WSO2
Using Web Services Technologies and FOSS Solutions
Click For 2007 East
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
TOP THREE LINKS YOU MUST CLICK ON


AJAXWorld News Desk
Can We Fix the Web? Yahoo!'s Douglas Crockford Says "Yes!" at AJAXWorld
Opening Keynote - 5th International AJAXWorld Conference & Expo in New York City

By: RIA News Desk
Mar. 21, 2008 05:30 PM
Digg This!

"The web was not intended to be an application platform," said Douglas Crockford today as he delivered the Opening Keynote at the 5th International AJAXWorld Conference & Expo, "and the biggest problems in the browser is security."

For over ten years attacks have been possible through the loopholes offered by the browser. A text that is benign in one content might be dangerous in another, third-party scripts can be embedded into URLs.

 Web developers are blamed for this "But it's not their fault it's the system," says Crockford. What went wrong? JavaScript's Global Object is the root cause of Cross-Site Scripting (XSS) attacks, Crockford explains.

The Document Object Model (DOM) is the next problem. And the misuse of cookies as tokens of authority is a third.

"If the Web's been screwed up right from the beginning, why should we be worried about it now?" Crockford asks rhetorically.

One reasons is mashups, which Crockford calls "the most interesting innovation in software development for 20 years."

He then proposed a 3-prong strategy to fix the Web.

1. safe JavaScript subsets

2. small browser improvements

3. massive browser improvements

We need to replace JavaScript, Crockford insists.

Published Mar. 21, 2008 — Reads 3,494
Copyright © 2008 SYS-CON Media. All Rights Reserved.
About RIA News Desk
Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

Naysayer wrote: The Web survived 10 years...maybe we should just leve it alone?
read & respond »
LATEST AJAXWORLD STORIES
New Synchronization Features in eValid Support AJAX Application Testing
By RIA News Desk
Software Research has announced the availability of major new specialized commands in its Patented eValid Website Test & Analysis Suite. eValid has introduced a set of AJAX Playback Synchronization on DOM Element commands that provide direct control of test script playback synchr
May. 9, 2008 03:00 PM
AJAX World - Sun Talks Up its Late-to-the-Party AIR-Silverlight Rival
By Maureen O'Gara
At Java One this week Sun has been selling its year -old-but-still-upcoming - and definitely late-to-the-party - Adobe AIR- and Microsoft Silverlight-competitive JavaFX Rich Client environment as a potential revenue-generator capable of putting ads on mobile applications and JavaF
May. 9, 2008 03:00 PM
AJAX World - Xceed Launches Microsoft Silverlight 2 Control
By .NETDJ News Desk
Xceed launched Xceed Upload for Silverlight, the commercial offering in support of Microsoft's promising new Silverlight technology. The product is available now for purchase or as a fully functional 45-day trial on Xceed's website. Xceed Upload for Silverlight lets developers ad
May. 9, 2008 03:00 PM
Sun Adds Comprehensive Video Capabilities to Java Platform With On2 Technologies
By Java News Desk
Sun Microsystems announced it has entered into a multi-year agreement with On2 Technologies to add comprehensive video capabilities, using On2 Technologies TrueMotion video codecs, to Sun's JavaFX, a family of products for creating Rich Internet Applications (RIAs) with immersive
May. 9, 2008 01:30 PM
AJAX World - Skyway Software Announces RIA Developer Contest
By RIA News Desk
According to Sean Walsh, President and CEO of Skyway Software, 'Our Skyway Community is thriving and our members are very talented. We truly look forward to their RIAs submittals and Skyway Builder extensions and are excited that all of the contributions will benefit the entire S
May. 9, 2008 07:30 AM
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021
SYS-CON FEATURED WHITEPAPERS

MOST READ THIS WEEK
Beyond AJAX to the Rich Internet Application & Rich Interactive Experience Era
By Jeremy Geelan
Engelbart's Usability Dilemma: Efficiency vs Ease-of-Use
By Richard Monson-Haefel
A Look at Some Heavy Hitters and Newcomers in the RIA Market
By Kevin Whinnery
Anthony Franco's AJAXWorld Keynote - "RIAs Are Only Valuable If They Are Useful"
By RIA News Desk
AJAX World - Who Will Win the Next Battle for the Desktop?
By Richard Monson-Haefel
Why Is an Enterprise RIA Platform Different?
By Richard Treadway
AJAX World - Curl Launches Adobe AIR Competitor
By RIA News Desk
AJAX World - Adobe Flex 4 Is Shaping Up
By Yakov Fain
Book Review: Advanced AJAX by Shawn M. Lauriat
By Brian J. Dillard
Appcelerator Integrates RIA Platform with Google App Engine
By RIA News Desk
Good News for AJAX – The Browser Wars Are Back!
By Jon Ferraiolo
AJAX and Open Source Communities Must "Liberate" the HTML Web from the Unweb
By Christopher Keene
ADS BY GOOGLE