nanog mailing list archives
Re: Follow up to previous post regarding SAAVIS
From: Leen Besselink <leen () consolejunkie net>
Date: Sun, 16 Aug 2009 01:46:33 +0200
Keith Medcalf wrote:
... Dont know what web 2.0 is but the new portal is a web based object management system complete with "recommended" changes and inconsistency lists. We just added prefix allocation check with backend information from PCH (prefix checker tool).Web 2.0 is marketroid drivel-speak for a method of continuing to ensure that Web Applications are uninspectable and unsecurable. It is based on doing partial document refreshes using code executing within the browser, usually in such a fashion that it modifies the document tree directly through foreign (ie, from the net) code execution in the context of the current user (or, because of the zillions of holes in those browsers supporting code execution, with the priviledges of the OS itself). It is highly insecure and cannot be secured by any products currently available. It is best to stay as far as possible from anything claiming that it is Web 2.0. Hallmarks of Web 2.0 are gratuitous javascript and java applications which cannot be disabled. Enabling any type of even minimal security on any web site that is "Web 2.0" buzzword compliant results in the display of completely blank pages. Web 2.0 pages will indirect all hyperlinks and navigation through javascript. Not because it provides anything useful but rather in order to force people to enable dangerous crap in their browsers (javascript, java, Flash Virus, &c)
Their are people who do understand how to do these things right. It's called progressive enhancement. [0] [1] Which means you don't need any fancy stuff to be able to use it or read the content, but if you have support for it, it will add extra convenience-features like search suggestions. Also in certain ways things are starting to improve for example the HTML5 spec has a video-tag [2] that's the only kinda of useful thing Flash is used for these days. Their is SVG and Canvas- tag in the HTML5-spec as well, which means even less reason to use plugins. The Chrome browser uses seperate processes with less priviledges to render the pages and run scripts and plugins. I'm just saying it's not all bad. [0] http://en.wikipedia.org/wiki/Progressive_enhancement [1] http://www.alistapart.com/articles/understandingprogressiveenhancement/ [2] Some may say, but their are no codecs specified, but the same is true for images, etc. and I think images did pretty well [3] http://en.wikipedia.org/wiki/Google_Chrome#Security
Current thread:
- Re: Follow up to previous post regarding SAAVIS, (continued)
- Re: Follow up to previous post regarding SAAVIS Kanagaraj (Aug 14)
- Re: Follow up to previous post regarding SAAVIS Steve Gibbard (Aug 12)
- Re: Follow up to previous post regarding SAAVIS Joe Provo (Aug 12)
- Re: Follow up to previous post regarding SAAVIS Richard A Steenbergen (Aug 12)
- Re: Follow up to previous post regarding SAAVIS Joe Maimon (Aug 13)
- Re: Follow up to previous post regarding SAAVIS Ricky Beam (Aug 12)
- Re: Follow up to previous post regarding SAAVIS Andrew Euell (Aug 13)
- Re: Follow up to previous post regarding SAAVIS Christopher Morrow (Aug 13)
- Re: Follow up to previous post regarding SAAVIS mkarir (Aug 12)
- RE: Follow up to previous post regarding SAAVIS Keith Medcalf (Aug 14)
- Re: Follow up to previous post regarding SAAVIS Leen Besselink (Aug 15)
- RE: Follow up to previous post regarding SAAVIS Keith Medcalf (Aug 14)