How web security will change with HTML5

Here’s an article with musings on potential security1 issues of The Web’s favorite new buzzword, HTML5.

Before you get too excited about breaking the spec, consider this bit:

The most dangerous security problems won’t be due to features of HTML5. Too many experienced people have been working on the specs to leave egregious errors in the design or in browsers’ implementation of it. The worst problems will come from developers who rush into new technologies without remembering sins of the past. It’s far too easy to fall into the trap of trusting data from the browser just because some hefty JavaScript routines have been assumed to perform all sorts of security validation on the data.

I can’t post the original article here because Mashable’s evil contract means I no longer have any rights to it. (Give us your content for free and receive Exposure!) I obviously agreed to these terms; hopefully they serve Mashable and me well.

If you’d like to hear more about HTML5 along with more technical details, stick around. There’s plenty to talk about!



Published by Mike Shema

Security, RPGs, and writing. Immersed in music (80s), sci-fi (dystopian), and horror (spooky). #synthwave Host of the Application Security Weekly podcast.