Create an Account
username: password:
 
  MemeStreams Logo

Billy Hoffman: 'Would you like a destoyed Internet with your JavaScript?'
search
Home Agent Weblogs Social Network Post Help About

Decius
Picture of Decius
Decius's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Decius's topics
Arts
  Literature
   Sci-Fi/Fantasy Literature
  Movies
   Sci-Fi/Fantasy Films
  Music
   Electronic Music
Business
  Finance & Accounting
  Tech Industry
  Telecom Industry
  Management
  Markets & Investing
Games
Health and Wellness
Home and Garden
  Parenting
Miscellaneous
  Humor
  MemeStreams
Current Events
  War on Terrorism
Recreation
  Cars and Trucks
  Travel
Local Information
  United States
   SF Bay Area
    SF Bay Area News
Science
  Biology
  History
  Math
  Nano Tech
  Physics
Society
  Economics
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
   Intellectual Property
  Media
   Blogging
Sports
Technology
  Computer Security
  Macintosh
  Spam
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Billy Hoffman: 'Would you like a destoyed Internet with your JavaScript?'
Topic: Computer Security 5:54 pm EDT, Mar 25, 2007

A security researcher at ShmooCon on Saturday demonstrated, but did not release, a tool that turns the PCs of unknowing Web surfers into hacker help.

As expected, SPI Dynamics researcher Billy Hoffman demonstrated a Web application vulnerability scanner written in JavaScript. The tool, called Jikto, can make an unsuspecting Web user's PC silently crawl and audit public Web sites, and send the results to a third party, Hoffman said.

"The whole point was to show how scary cross-site scripting has become."

"Once one person has talked about the ability to do it, it doesn't take that long for somebody else to come up with it," said one ShmooCon attendee who asked to remain anonymous. "It will come out."

There are already 50k hits for a Google search on "Jitko". A few comments from around the web: Jeremiah Grossman, of Whitehat Security, and "Pascal". Anurag Agarwal offered a Reflection on Billy Hoffman, along with a photo:

This week on Reflection we have a very young guy from the webappsec field.

Billy’s knowledge on Ajax is tremendous ... his ability to think differently has helped him achieve so much in such a short time.

I got a chance to meet with him in the WASC meetup at RSA. He is a very lively character. Let me put it this way, if billy is a part of a conversation, you won’t get bored even if you just stand there and listen.

Billy got an amazing amount of press out of this one. Google is up to 74,000!

Billy Hoffman: 'Would you like a destoyed Internet with your JavaScript?'

Thread [7] - Reply


  
 
Powered By Industrial Memetics		RSS2.0