TechJamaica is unsafe to a degree

[GeniusDragon]

If you are not versed in scripts then please refrain from trying to tell us what is and isnt possible. Javascript is one of hundreds of scripts that computers can run but then again, what about the scripts hackers are writing themselves from scratch. You say Scenario 2 isnt possible but you are more than wrong. Either way lets just wait and see.

[jasonmarsh]

If you are not versed in scripts then please refrain from trying to tell us what is and isnt possible. Javascript is one of hundreds of scripts that computers can run but then again, what about the scripts hackers are writing themselves from scratch. You say Scenario 2 isnt possible but you are more than wrong. Either way lets just wait and see.

There is no need for the personal attacks.

All I am saying is that the described attack scenario wasn't possible. And I am again highlighting the word described. The description of the attack is not correct. A malicious javascript from techjamaica.com cannot access cookies from say gmail.com. That said, there have been multiple instances where the SOP was bypassed. And we can discuss those cases. However, at that point its a different ballgame.

Now, can you inject malicious scripts into a page to totally own a box/user? Absolutely. So I am not disagreeing with you. All I am saying is that that particular scenario as described is incorrect. I do however understand your general argument.

No issues man....