That is, the apps where you keep your data can easily sandbox ads. Can't easily prevent XSS
OK, but when you say "bad" it helps to point to past compromises. "Regular" XSS caused many
-
-
Conversely, I haven't seen any due to GA or Like button JS being subverted just yet.
-
You would have to have a global whitelist of 3rd parties you can trust. Malvertising happens.
-
I buy HW from Apple instead of [random vendor] because I trust it. Same with JS APIs ;-)
-
To some extent, yes. But it's also about limiting oneself. Drop privileges if you will.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.