Wednesday, October 05, 2005

XMLHttpRequest - Good or Evil

 
They've been having fun with studying AJAX at Artemis (http://www.artemis-solutions.com) recently (i'm jealous :) ). Anyway, that article arthur ticked me off the wrong way, especially with his conclusions... I thought he was going to be objective and balanced, but he wasn't, so here goes my two kobo reply.
 

I think its unfair to paint Ajax as unsafe in the face of similar data that CAN and using the authors phrase, HAS been ganered from users using Desktop apps too. Truth is, once you’re on the internet, Security and Privacy gain a whole new meaning. I mean, the term "spyware" came up way before AJAX. Assuming that the Web was safe before AJAX (or safer), is a false premise, check out what cross-site-scripting can achieve. Agreed with AJAX you can do these things easier than before, that doesn’t mean that without AJAX these things totally can’t be done.

 

One may argue that with spyware, you have to install them... well... have you ever decompiled/disassembled that program you use most on your system, to make sure its not spying on you? Oh... i c... you took the Software Companies word for it... And now you're not going to take their word for it if they tell you their website is not spying on you? Whatever... Me, I don't believe any of them anyway... I just limit how much of my info can be compromised so at anytime the amount of info I loose is really minimal. How do I do this? I TRY to allow only OpenSource software have access to my most personal data, and where I can't, I don't bitch if I can't fix it. I'm I still very safe? Ofcourse NOT!!! What kind of world would this be if we were all totally safe? Unrealistic... that's the truth of Life... deal with it.

 

It is also not ground enough for the author to say: *Are you not yet fearful and angry? Not ready to rise up and strip the XMLHttpRequest code from your browser?*

 

As a matter of fact, I think that’s just a dumb conclusion (IMNSHO). Every Network Admin worth his salt, infact, any Engineer or human that deals in innovations, knows that when adding features to a product/design, most features can be used for Good as well as for Bad. If you asked me, I would say that in Nature everything comes in ionized (for want of a better expression) pairs – Positive Side n Negative Side.

 

Take the most basic of human abilities – Choice. This is the single factor that allows us to have great men like G. Washington, A. Lincoln, Essien Ita Essien (no… that’s not a typo :P), its also the same factor that allows us to have some of the worlds worst Tyrants like A. Hitler, J. Stalin, etc. Is choice a Bad Thing? I’ll say a resounding NO!!! But I’m guessing that the Arthur of that article is likely to recommend that the UN recommend all Nations of the world to pull out Choice from all New Human Beings. Soundz hilarious right? Exactly, that’s what reading that ‘pessimism’ laden paper feels like to me.

 

I would appreciate an article that highlights the potential security holes, and a way for users to be wary of them better than an out-on-out attack on AJAX (just b/cos it’s a new technology, and wasn’t pushed to the fore by some *traditional* big name, b/cos i'm almost certain that where this angst is coming from), and a conclusion that we should Strip Out XMLHttpRequest from our browsers!!! That just silly.

 

Anyways, any browser that likes, can go ahead and pull out XMLHttpRequest from its implementation and then sit back and watch satisfactorily as its Market Share torpedos downward (Oh, and if you've somehow missed the news, Opera the browser is free now too!!!). Yeah, and they can quote me as having said so (who am i? baaah…. Go away… that’s not important… YET :-) ). XMLHttpRequest has come to stay. AJAX is a technology that grew up in the wild of real software solutions (as opposed to a carefully designed paradigm), as such, it has _Darwinically_ earned its right to survive and my o my… survice it will, or mutate into something even more crazy it will.

 

My advice for all Nay Sayers? Wake up… shesssh… get real… this is NOT _Duh Maytreex_, this is actually… _Duh Reelwhurled_ :-) and as such, AJAX is here to stay.

 

Oh and lest I forget, better get more educated on safe browsing habits, and don’t worry, the next generation of Data Protection is just around the corner… trust me, I use Firefox!!!

 

Essien... out.

0 Comments:

Post a Comment

<< Home