I can’t believe how much hype this article is generating. From the article:
Like so many technologies-gone-bad before it, this technology was created for the purpose of good. And until now, the XMLHttpRequest has been so good it could almost be considered saintly, providing users and developers alike with such conveniences as input validation without post-back, text area spell checkers, and Gmail. Interfaces built with AJAX are fun to use and even more fun to program. It’s almost hard to imagine that such a miraculous object could ever do wrong.
But even without the discovery of a giant security hole, the XMLHttpRequest will likely fall from grace. Its fall will be in the form of “user over-profiling” for want of a better description. Currently, user profiling helps Web site owners detect trends, track page viewing habits and iron out usability problems. Until now though, developers could only analyze posted data—data that users decided they wanted the server to get, and were happy to send off for processing.
This is just ridiculous. Not only is it dead wrong technically, it makes assumptions that just because a technology is gaining recent popularity, the potential is there for security flaws to appear.
Let’s take a look at this claim from the article: Until now though, developers could only analyze posted data—data that users decided they wanted the server to get, and were happy to send off for processing.
Let me share some information with you: The internet is not private. Ever since the first day you opened a web browser and started visiting websites you have been tracked. This is no secret, everyone knows about cookies and how websites use them to store data. Recently there have even been reports of people realizing that they might not need cookies and starting to regularly delete them.
When you use the internet, you are giving up parts of your privacy. When you enter information into a website you are trusting that website with whatever information you give it. This is how the internet works, and how it will work for years to come (if not forever). Either get used to it, or it’s time for you to get a bigger tin foil hat.
Anyway, back to my original point: The article is simply uninformed whining, and I’m very surprised any technical website would publish such a hyped up piece of crap. They may as well have written an article on the ‘Dangers of cookies’ and published that instead. I’m even more surprised at the amount of attention it’s getting.