WebSockets insecurities lead browsers to disable support

By siliconindia | Tuesday, 14 December 2010, 00:21 IST | 2 Comments

WebSockets insecurities lead browsers to disable support

Bangalore: WebSockets that promised to make the Internet more interactive and enabled communication between the browsers and servers have come in for a lot of criticism due to a security problem. Recently, Opera and Firefox have pulled out from supporting WebSockets in the browsers' latest versions, Opera 11 and Firefox 4 respectively. The browsers had disabled their WebSockets support as news came in of a protocol vulnerability that was capable of inducing malicious codes in several websites. The vulnerability was discovered by programmer Adam Barth who cited a problem with the 'handshake' needed to set up WebSockets connection. Barth produced a paper on the same issue - identifying the problem and also proposing a new mechanism which is safer than the existing one. The solution for fixing the issue of WebSockets would entail rewriting of few WebSockets spec. The problem is not faced just by the browsers. Implementing WebSockets also affects Flash and Java performances. However, neither Adobe nor Oracle who respectively make Flash and Java have commented on the issue.

Siliconindia

WebSockets insecurities lead browsers to disable support

Featured Vendors

Singh Biotechnology: Unlocking the “Undruggable”

Fixpliance AI: Fixing Compliance at the Speed of AI

Harness: Unified AI Platform for Faster, Safer Delivery

Straiker: Unlocking AI’s Future

Mem0: The Missing Link in AI at Scale

Votal AI: Redefining Workforce Efficiency Through Ethical AI