Super cool 'asteroids' bookmarklet

Started by iago, October 03, 2010, 08:52:31 PM

iago


MyndFyre

Quote from: Joe on January 23, 2011, 11:47:54 PM
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Quote from: Rule on May 26, 2009, 02:02:12 PM
Our species really annoys me.

Sidoh

hahahahaha, this is great.  thanks for sharing. :)

Towelie


Joe

Quote from: Camel on June 09, 2009, 04:12:23 PM
I'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.


dark_drake

Quote from: iago on October 03, 2010, 08:52:31 PM
This is too awesome:
http://erkie.github.com/

After bookmarking it, I proceeded to destroy all my webpages. I was then forced to reload them to kill them once more. :) Thanks for sharing.
errr... something like that...

nslay

You should make one that spawns 10 mouse pointers each moving in the same direction as the real one but far enough apart that the user may have to bruteforce to figure out which one is the real one.
An adorable giant isopod!

iago

My concern about this is that you're loading a script file from some guy's site into the context of a bunch of your own sites. If you aren't checking the script file carefully, that can be dangerous. He can take actions on your behalf, log keystrokes, steal cookies, etc.

Sidoh


MyndFyre

Quote from: iago on October 06, 2010, 05:31:50 PM
My concern about this is that you're loading a script file from some guy's site into the context of a bunch of your own sites. If you aren't checking the script file carefully, that can be dangerous. He can take actions on your behalf, log keystrokes, steal cookies, etc.

Good sites use HTTP-only cookies.

iago

Quote from: MyndFyre on October 07, 2010, 03:12:56 AM
Quote from: iago on October 06, 2010, 05:31:50 PM
My concern about this is that you're loading a script file from some guy's site into the context of a bunch of your own sites. If you aren't checking the script file carefully, that can be dangerous. He can take actions on your behalf, log keystrokes, steal cookies, etc.

Good sites use HTTP-only cookies.

HTTP-only cookies are good, but they don't prevent cross-site request forgery-style attacks. As soon as you can run JavaScript code on another site, you can take any actions you want on the user's behalf (except for captcha-protected stuff and places where the user is forced to type in their password, like change-password pages). Standard XSRF defenses don't work if you can run JavaScript code in the context of the site.
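
The distinction drawn in this exchange, as an added example that is not part of the original thread: a toy model (all names and values constructed) of a site with an HttpOnly session cookie and a per-page CSRF token. It assumes cookies carry no SameSite attribute, so the browser attaches them to every request to the site.

```javascript
// Toy model, constructed for illustration: one site, one logged-in user.
const SESSION = "sess-constructed-1234";    // delivered as an HttpOnly cookie
const CSRF_TOKEN = "csrf-constructed-5678"; // embedded in the site's own pages
const PASSWORD = "constructed-password";    // known only to the user

// Server side: what a state-changing endpoint checks before acting.
function handlePost(req, { requirePassword = false } = {}) {
  if (req.cookies.session !== SESSION) return "rejected: no session";
  if (req.body.csrf !== CSRF_TOKEN) return "rejected: bad CSRF token";
  if (requirePassword && req.body.password !== PASSWORD) return "rejected: password required";
  return "accepted";
}

// Browser side: the cookie jar attaches cookies to every request to the site,
// but script only sees cookies that are not flagged HttpOnly.
const jar = [{ name: "session", value: SESSION, httpOnly: true }];
const cookiesForRequest = () => Object.fromEntries(jar.map(c => [c.name, c.value]));
const documentCookie = () =>
  jar.filter(c => !c.httpOnly).map(c => `${c.name}=${c.value}`).join("; ");

// What a script can read depends on the origin it runs in.
function scriptView(sameOrigin) {
  return {
    cookieString: sameOrigin ? documentCookie() : "",
    // The token sits in the page's DOM, readable only from the same origin.
    csrf: sameOrigin ? CSRF_TOKEN : undefined,
  };
}

// A request issued by script; the browser adds the cookies on its own.
function sendFromScript(sameOrigin, extraBody = {}) {
  const view = scriptView(sameOrigin);
  return { cookies: cookiesForRequest(), body: { csrf: view.csrf, ...extraBody } };
}

function runScenarios() {
  return {
    cookieVisibleToScript: scriptView(true).cookieString,        // HttpOnly holds
    crossSiteForgery: handlePost(sendFromScript(false)),         // token check holds
    injectedSameOrigin: handlePost(sendFromScript(true)),        // neither control applies
    injectedVsPasswordPrompt: handlePost(sendFromScript(true), { requirePassword: true }),
  };
}
console.log(runScenarios());
```

Only the password prompt stops the same-origin script in this model, which is why third-party script should be reviewed before it is loaded into a logged-in page.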


nslay

I bet you could make a JavaScript letter detector for captchas easily ... might be really slow though. Face detectors are pretty easy to make.

A lot of captchas are cracked by 20-year-old code by HP ... breaking captchas is very doable. I still think captchas should randomly collage various objects together and query the user to input the largest/smallest object's name. Object detection and recognition is still a hard problem to solve.

iago

True, but captchas raise the bar significantly.

The easiest way, really, is to get the user himself to fill in the captcha with some kind of pretext. :)

Towelie

Quote from: nslay on October 07, 2010, 12:45:03 PM
I bet you could make a JavaScript letter detector for captchas easily ... might be really slow though. Face detectors are pretty easy to make.

A lot of captchas are cracked by 20-year-old code by HP ... breaking captchas is very doable. I still think captchas should randomly collage various objects together and query the user to input the largest/smallest object's name. Object detection and recognition is still a hard problem to solve.

I agree, a bunch of pictures asking which one is X would be perfect.