AJAX considered harmful

87C751 writes: "Security lists are abuzz about this presentation from the 23C3 conference, which details a fundamental design flaw in Javascript. The technique, called Prototype Hijacking, allows an attacker to redefine any feature of Javascript. The paper (warning: PDF link) is called "Subverting AJAX", and outlines a possible Web Worm that lives in the very fabric of Web 2.0 and could kill the Web as we know it."