Follow up to previous post regarding SAAVIS

Keith Medcalf kmedcalf at dessus.com
Fri Aug 14 16:41:56 CDT 2009


> ... Dont know what web 2.0 is but the new portal is a web based 
> object management system complete
> with "recommended" changes and inconsistency lists.
> We just added prefix allocation check with backend information
> from PCH (prefix checker tool).

Web 2.0 is marketroid drivel-speak for a method of continuing to ensure that Web Applications are uninspectable and unsecurable.  It is based on doing partial document refreshes using code executing within the browser, usually in such a fashion that it modifies the document tree directly through foreign (ie, from the net) code execution in the context of the current user (or, because of the zillions of holes in those browsers supporting code execution, with the priviledges of the OS itself).

It is highly insecure and cannot be secured by any products currently available.  It is best to stay as far as possible from anything claiming that it is Web 2.0.  Hallmarks of Web 2.0 are gratuitous javascript and java applications which cannot be disabled.  Enabling any type of even minimal security on any web site that is "Web 2.0" buzzword compliant results in the display of completely blank pages.  Web 2.0 pages will indirect all hyperlinks and navigation through javascript.  Not because it provides anything useful but rather in order to force people to enable dangerous crap in their browsers (javascript, java, Flash Virus, &c)


-- 
()  ascii ribbon campaign against html e-mail
/\  www.asciiribbon.org







More information about the NANOG mailing list