In biology they are called proviruses, chunks of malicious genetic code
encased by proteins. When one invades a cell, it embeds itself in the host's
own genes. Treated as the cell's own DNA, the viral DNA lies dormant,
undetected. Then, something flips the switch. The viral code is opened up and
parsed, initiating the events that form a new generation of hundreds or
thousands of copies, destroying the original host cell, and ready to continue
the cycle.

Whether for a living cell or an AJAX application, effective security can be a
matter of life or death. And whether the invader is a piece of viral DNA or a
string of evil-minded code, the effects can be devastating. This article will
discuss how such code can break into a Web application, embed itself in the
application's data, and quickly spread elsewhere, much as a virus does. In
each of these situations the artic...