DOCSLIB.ORG

Advanced Internet Applications on Desktop

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Advanced Internet Applications on Desktop MASARYK UNIVERSITY FACULTY}w¡¢£¤¥¦§¨ OF I !"#$%&'()+,-./012345<yA|NFORMATICS Advanced Internet Applications on Desktop DIPLOMA THESIS Bc. Martin Miko Brno, 2011 Declaration Hereby I declare, that this paper is my original authorial work, which I have worked out by my own. All sources, references and literature used or excerpted during elaboration of this work are properly cited and listed in complete reference to the due source. Advisor: doc. RNDr. Tomáš Pitner, Ph.D. ii Acknowledgement I would like to thank to doc. RNDr. Tomáš Pitner, Ph.D. whose guidance, many inspiring ideas, remarks, and above all patience made all this possible. Without his good will this work would never be born. Also I would like to thank to all my friends, who stood behind me, had to cope with my moodiness and helped in many ways in the time of need. And last, but not least, I would like to thank to my family for their support and understanding. iii Abstract The aim of this work is to describe, analyse and compare selected important rich Internet application platforms that allow desktop deployment. Analysed platforms are Adobe AIR using applications built in Adobe Flex and Microsoft Silverlight. Secondary aim of this work is demonstration of capabilities offered by AIR framework and comparison of AIR applica- tions to solutions based on JavaScript. To compare and analyse various platforms, a comparison or benchmarking method is required, but unluckily no relevant methods exist. This work proposes a benchmarking method that allows complex comparison of this type of platforms. Method is based on gen- eral requirements of users and developers. Proposed method consist of two parts, the first part scores features of platforms, the second part further refines results obtained in the first part, according to defined user roles. Result of comparison showed that Adobe AIR is more mature and balanced platform than Microsoft Silverlight and it is more suitable for desktop deployed rich Internet appli- cation development. Another result is proposal of benchmarking method that can be used, for complex analysis of rich Internet application platform that provide desktop deployment capabilities. The demonstrational application shows that AIR-Flex solution can offer better and more interesting features than JavaScript based solution. Nevertheless rich Internet application platforms cannot compete with traditional ones like Java neither in terms of performance nor offered capabilities. iv Keywords desktop, RIA, rich, Internet, application, Flex, AIR, Silverlight, comparison, benchmark v Contents 1 Introduction ......................................... 1 1.1 Thesis goals and structure .............................. 2 1.2 Genesis: From web to desktop ............................ 2 1.3 Rich Internet applications on desktop ....................... 4 1.4 Available Rich Internet Application desktop technologies ............ 6 1.4.1 Adobe AIR, Adobe Flex and Microsoft Silverlight . 7 1.4.2 JavaFX . 7 1.4.3 Canoo ULC . 8 1.4.4 Google Gears . 8 1.4.5 Mozilla Prism . 9 1.4.6 Fluidium . 10 2 Closer look at Adobe Flex, Adobe AIR and Microsoft Silverlight . 11 2.1 Adobe Flex and Adobe AIR ............................. 11 2.1.1 Technology backgroud . 11 2.1.2 History . 12 2.1.3 Platform architecture . 13 2.2 Microsoft Silverlight ................................. 14 2.2.1 Technology backgroud . 15 2.2.2 History . 15 2.2.3 Platform architecture . 16 3 Comparison and benchmark analysis proposal .................... 19 3.1 Why we need to analyse, compare and benchmark . 19 3.2 Comparison and Benchmarking method ...................... 20 3.2.1 About proposed method . 20 3.2.2 Requirement groups . 21 3.2.3 User roles . 23 4 Benchmark .......................................... 25 4.1 Technology ....................................... 25 4.1.1 Offered features . 25 4.1.2 Integration options . 27 4.1.3 Areas of use . 29 4.1.4 Conclusion . 31 4.2 Portability ....................................... 31 4.2.1 Supported operating systems, devices and system requirements . 31 4.2.2 Runtimes . 33 4.2.3 Conclusion . 34 4.3 Development ..................................... 35 4.3.1 Software development kits . 35 4.3.1.1 AIR SDK and Flex SDK . 35 4.3.1.2 Silverlight 4 SDK and Expression Blend SDK . 36 vi 4.3.2 AIR development tools . 36 4.3.3 Open-source AIR development tools . 37 4.3.4 Silverlight development tools . 38 4.3.5 Open-source Silverlight development tools . 39 4.3.6 Testing and debugging . 40 4.3.6.1 Flash platform tools . 40 4.3.6.2 Silverlight tools . 41 4.3.7 Knowledge and skill reusability . 41 4.3.8 Conclusion . 44 4.4 Usability ........................................ 44 4.4.1 Distribution . 45 4.4.2 User experience . 46 4.4.3 Conclusion . 47 4.5 Results ......................................... 47 5 Development of AIR video chat client ......................... 50 5.1 Application analysis and design .......................... 50 5.2 Development and deployment ........................... 53 5.2.1 Development . 54 5.2.2 Deployment . 57 6 Conclusion .......................................... 59 Bibliography . 64 A Content of attached CD .................................. 65 vii Chapter 1 Introduction The information technologies are one of the most rapidly evolving areas in the human his- tory. Their penetration into lives of individuals and whole societies is undoubtedly astonish- ing and complete. People cannot imagine their lives without them anymore. It is interesting to watch how quickly all hardware gets smaller and its computing power grows, Smart- phones of current era have more computing power than powerful server computers used twenty years ago, how communication infrastructure evolved into single ecosystem, inter- connecting almost the whole world. And all these changes have influenced both software and human activities as well. Software and human activities connected with information technologies changed rapidly to reflect current needs and capabilities of their hardware counterparts. Software evolved not only in a technical way, but also in a way of usability. User interfaces transformed from simple terminal screens to appealing graphical user interfaces, which are more intuitive and more usable, even for new users, without any previous experience with similar software. When speaking about human activities, it is important to say, that they have always reflected the way how people worked with information technologies. The more people use various software tools and devices, the more are human activities tied to information technologies. On the one hand it is good, because the information technologies help us with boring, or otherwise laborious work. On the other hand, they have become in many cases too integral part of our lives, and if they stop working properly one day, we may not be able to identify it, or even recover from possible losses. The main force behind a recent development of information technologies is undoubtedly the Internet. The Internet as a global phenomenon is not only a way of quick accessing of information, but also a global infrastructure for business, government or social networking. The Internet itself is changing the world as we know it. It provides a new, unique and glob- alised environment, where almost everything is instantaneously accessible to everyone. It is very intriguing to watch how Internet resembles the globalization of real world and vice versa. Maybe one day we will have a single infrastructure, and will use a single device to ac- cess all our data, which will be hosted on-line. A science fiction you say? Well not at all, technologies are still evolving, and they are evolving pretty rapidly in this way. Powerful mobile devices and widely available services accessible over Internet are the cornerstones for future unified platforms. These platforms will employ new models of using and building of applications. Probably they will not be much different from those we already know, and 1 1.1. THESIS GOALS AND STRUCTURE they will be built on top of what we already have, combining only the best of each approach. Closest to these new ways of understanding, using and developing of before mentioned applications are rich Internet applications and platform on which they are built. The main reason for choosing these platforms for future application development is their hybrid char- acter. They can combine the best of web browser-based and desktop-based applications, into a single, powerful application. Furthermore, they offer a unified environment, so ap- plications can be run on multiple devices and operating systems almost seamlessly. This is probably the way most future applications will be developed. 1.1 Thesis goals and structure Goals of this work are following. The main goal of this work is to describe, analyse and compare selected important rich Internet application platforms that allow desktop deploy- ment. Analysed platforms are Adobe AIR using applications built in Adobe Flex and Mi- crosoft Silverlight. Secondary goal of this work is demonstration of capabilities offered by AIR framework and comparison of AIR applications to solutions based on JavaScript. In this work we will look at some noteworthy platforms, which support deployment on desktop operating systems and we will try to compare them and find out what can be build on top of them. But before that, in this chapter, we will describe background and the evolution which lead to current state in this field. After a brief introduction a chapter describing background of analysed platforms will follow. The third chapter will describe how we will compare chosen platforms. In the following chapter we will be analysing the chosen platforms. And in the fifth chapter, we will describe development of an example application built in one of analysed platforms. 1.2 Genesis: From web to desktop To start with, we will look back into the history. Everything started with the invention of World Wide Web service, or briefly the web. A service firstly introduced in 1991 at Euro- pean Organization for Nuclear Research (Conseil Européen pour la Recherche Nucléaire – CERN). Its purpose was simple: allow sharing of data among high energy physicists.
Load more

Recommended publications
  • Current Trends in Vector-Based Internet Mapping: a Technical Review
    Chapter 3 Current Trends in Vector-Based Internet Mapping: A Technical Review Christophe Lienert, Bernhard Jenny, Olaf Schnabel, and Lorenz Hurni Abstract Possibilities and limitations of Internet cartography software largely depend on the pace set by the software industry. The variety of commercial and non-commercial software caters for the needs of a continuously growing mapping community, including both professional and amateur cartographers. This chapter provides an overview of state-of-the-art technologies for vector-based Web- mapping as of the beginning of 2011. Both proprietary and open format technologies are discussed for vector data rendering in browsers, highlighting their advantages and disadvantages. The discussed technologies are Adobe Flash, Microsoft Silverlight, Scalable Vector Graphics (SVG), JavaFX, Canvas, and WebGL. The chapter also discusses client and server side frameworks which provide Application Programming Interfaces (APIs) for creating custom interactive maps, mainly by overlaying raster images with vector data. 3.1 Introduction Internet maps are the major form of spatial information delivery, as the Internet is today the primary medium for the transmission and dissemination of maps (Peterson 2008). For map authors, the maze of available techniques for creating and distributing Web maps is overwhelming, while authoring tools for Web-maps meeting the demands of high-quality cartography are difficult to find. Map authors may choose between GIS and graphics software products to create maps for the Internet, but these off-the-shelve maps oftentimes fall short of effectively convey- ing information. There are three main reasons for this shortcoming: (a) the design of these maps sometimes does not take into account the specific limitations of digital displays (Jenny et al., 2008); (b) the maps are often restricted in using standard C.
    [Show full text]
  • Rich Internet Applications
    Rich Internet Applications (RIAs) A Comparison Between Adobe Flex, JavaFX and Microsoft Silverlight Master of Science Thesis in the Programme Software Engineering and Technology CARL-DAVID GRANBÄCK Department of Computer Science and Engineering CHALMERS UNIVERSITY OF TECHNOLOGY UNIVERSITY OF GOTHENBURG Göteborg, Sweden, October 2009 The Author grants to Chalmers University of Technology and University of Gothenburg the non-exclusive right to publish the Work electronically and in a non-commercial purpose make it accessible on the Internet. The Author warrants that he/she is the author to the Work, and warrants that the Work does not contain text, pictures or other material that violates copyright law. The Author shall, when transferring the rights of the Work to a third party (for example a publisher or a company), acknowledge the third party about this agreement. If the Author has signed a copyright agreement with a third party regarding the Work, the Author warrants hereby that he/she has obtained any necessary permission from this third party to let Chalmers University of Technology and University of Gothenburg store the Work electronically and make it accessible on the Internet. Rich Internet Applications (RIAs) A Comparison Between Adobe Flex, JavaFX and Microsoft Silverlight CARL-DAVID GRANBÄCK © CARL-DAVID GRANBÄCK, October 2009. Examiner: BJÖRN VON SYDOW Department of Computer Science and Engineering Chalmers University of Technology SE-412 96 Göteborg Sweden Telephone + 46 (0)31-772 1000 Department of Computer Science and Engineering Göteborg, Sweden, October 2009 Abstract This Master's thesis report describes and compares the three Rich Internet Application !RIA" frameworks Adobe Flex, JavaFX and Microsoft Silverlight.
    [Show full text]
  • Chrome Extension Page Change Notification
    Chrome Extension Page Change Notification trapansIs Salmon his Jehovistic tirrivees infiltrating when Tod impecuniously, witness unmusically? but shelliest Peirce Chauncey remains subcorticalnever clinks after so vortically. Batholomew mobilising slangily or outmans any troilism. Lazlo Tab title now shows a countdown timer and status. Receive a notification whenever the browser is being used and you however not tracking time. If disabled click this affiliate link happy buy a product or service, we may is paid first fee rule that merchant. Winternals Defragmentation, Recovery, and Administration Field Guide foster the technical editor for Rootkits for Dummies. It will even explode if your keyboard and mouse go untouched for two minutes or more. Or just mail it into yourself to read whenever. Save money remove the hassle. Reload your Chrome extension. Safari using our extension! Here became the latest Insider stories. Configure the refrigerator of enterprise login URLs where password protection service can capture fingerprint of password. Failed to load latest commit information. TODO: we should top the class names and whatnot in post here. Here is day you did remove notifications in Google Chrome completely and effectively. User or password incorrect! Specificity needed here that override widget CSS defaults. The best renderings in is world! Ability to update settings of respective job. In life case, our extension will also have a configuration page, so moving will have use nuclear option. Showing the prompt to load on sat site or visit you just annoying, though. Why my multiple nations decide to launch Mars projects at exactly she same time? Vox Media has affiliate partnerships.
    [Show full text]
  • RBS-2019-014 Honey Browser Extension Content Script Improper
    RBS-2019-014 Honey Browser Extension Content Script Improper DOM Handling Browser Action UI Spoofing Table of Contents Table of Contents 2 Vendor / Product Information 3 Vulnerable Program Details 3 Credits 3 Impact 3 Vulnerability Details 3 Solution 4 References 4 Timeline 4 About Risk Based Security 5 Company History 5 Solutions 5 2019-07-31 2 of 5 Vendor / Product Information The Honey Browser Extension for ​Chrome, Firefox, Safari, and Edge allows users to instantly find and apply coupon codes at checkout for over 30,000 online shopping sites and, according to the vendor, 10,000,000 members utilize the extension. Vulnerable Program Details Details for tested products and versions: Vendor: Honey Science Corporation ​ Product: Honey Browser Extensions for Chrome, Firefox, Safari, and Edge Versions: Honey Addon for Firefox version 10.8.1 and 11.1.0 ​ Honey Extension for Chrome 10.8.1, 11.0.2, 11.1.0, 11.1.1, 11.1.2, 11.2.1, and 11.2.2 Honey Extension for Edge 11.1.1.0 Honey Extension for Safari 10.9.0 NOTE: Other versions than the one listed above are likely affected. Credits Sven Krewitt, Risk Based Security Twitter: @RiskBased Impact The browser extension’s content script is used to inject and display UI elements in the Document Object Model (DOM) of the current web page. When a user activates the browser action while visiting a specially crafted web site, a context-dependent attacker can spoof UI elements of the browser extension and conduct phishing attacks. Vulnerability Details The Honey browser extensions are activated when a user clicks on the Honey extension logo in the browser toolbar.
    [Show full text]
  • Flex Resources*
    OpenStax-CNX module: m34542 1 Flex Resources* R.G. (Dick) Baldwin This work is produced by OpenStax-CNX and licensed under the Creative Commons Attribution License 3.0 Abstract The purpose of this document is to provide a list of links to online Flex and ActionScript resources to supplement the other lessons in the series. 1 Table of Contents • Preface (p. 1) • Resources (p. 1) • Miscellaneous (p. 3) 2 Preface This tutorial lesson is part of a series of lessons dedicated to programming using Adobe Flex. The purpose of this document is to provide a list of links to online Flex and ActionScript resources to supplement the other lessons in the series. note: The material in these lessons is based on Flex version 3 and Flex version 4. 3 Resources • Baldwin's Flex programming website 1 • Baldwin's ActionScript programming website 2 • Adobe Flex Home 3 • Download free open-source Adobe Flex 3.5 SDK 4 · Adobe Flex SDK Installation and Release Notes 5 · Application Deployment 6 • Download free open-source Adobe Flex 4 SDK 7 *Version 1.2: Jun 8, 2010 3:07 pm -0500 http://creativecommons.org/licenses/by/3.0/ 1http://www.dickbaldwin.com/tocFlex.htm 2http://www.dickbaldwin.com/tocActionScript.htm 3http://www.adobe.com/products/ex/?promoid=BPDEQ 4http://www.adobe.com/cfusion/entitlement/index.cfm?e=ex3sdk 5http://www.adobe.com/support/documentation/en/ex/3/releasenotes_ex3_sdk.html#installation 6http://livedocs.adobe.com/ex/3/html/help.html?content=Part3_deploy_1.html 7http://opensource.adobe.com/wiki/display/exsdk/Download+Flex+4 http://cnx.org/content/m34542/1.2/
    [Show full text]
  • Rich Internet Applications for the Enterprise
    Final Thesis Rich Internet Applications for the Enterprise A comparative study of WebWork and Java Web Start by Emil Jönsson LITH-IDA-EX–07/063–SE 2007-12-07 Linköping University Department of Computer and Information Science Final Thesis Rich Internet Applications for the Enterprise A comparative study of WebWork and Java Web Start by Emil Jönsson LITH-IDA-EX–07/063–SE Supervisors: Valérie Viale Amadeus Philippe Larosa Amadeus Examiner: Kristian Sandahl Department of Computer and Information Science Linköping University Abstract Web applications initially became popular much thanks to low deployment costs and programming simplicity. However, as business requirements grow more complex, limitations in the web programming model might become evident. With the advent of techniques such as AJAX, the bar has been raised for what users have come to expect from web applications. To successfully implement a large-scale web application, software developers need to have knowledge of a big set of complementary technologies. This thesis highlights some of the current problems with the web programming model and discusses how using desktop technologies can improve the user experience. The foundation of the thesis is an implementation of a prototype of a central hotel property management system using web technologies. These technologies have then been compared to an alternative set of technologies, which were used for implementing a second prototype; a stand-alone desktop client distributed using Java Web Start. Keywords: web development, Rich Internet Applications, WebWork, Java Web Start, Property Management System, hospitality software Acknowledgements First I would like to thank Amadeus for giving me the opportunity to do an internship at their development site in Sophia Antipolis.
    [Show full text]
  • A Web Desktop Or Webtop Is a Desktop Environment Embedded in a Web Browser Or Similar Client Application
    II BASIC THEORY II.1 What is Web Desktop? A web desktop or webtop is a desktop environment embedded in a web browser or similar client application. A webtop integrates web applications, web services, client-server applications, application servers, and applications on the local client into a desktop environment using the desktop metaphor. Web desktops provide an environment similar to that of Windows, Mac, or a graphical user interface on Unix and Linux systems. It is a virtual desktop running in a web browser. In a webtop the applications, data, files, configuration, settings, and access privileges reside remotely over the network. Much of the computing takes place remotely. The browser is primarily used for display and input purposes. II.2 History In the context of a web desktop, the term Webtop was first introduced by the Santa Cruz Operation (SCO) in 1994 for a web-based interface to their UNIX operating system. Andy Bovingdon and Ronald Joe Record, who both explored the concepts in different directions, are often credited as the inventors. II.3 About eyeOS eyeOS is an open source web desktop written in mainly PHP, XML, and JavaScript. It acts as a platform for web applications written using the eyeOS Toolkit. It includes a Desktop environment with 67 applications and system utilities. It is accessible by portable devices via internet. III.3 eyeOS Implementation III.3.1 Advantages of eyeOS • Convenience: A personalized desktop on every supported client device • Mobility: Access your desktop anywhere there is a supported client device • Session Management: Server-side session management allows roaming users to access restored sessions from anywhere III.3.2 Limitations Security: Due to the fact that all data is transferred over the internet, it might be possible for a hacker to intercept the connection and read data.
    [Show full text]
  • Security Analysis of Firefox Webextensions
    6.857: Computer and Network Security Due: May 16, 2018 Security Analysis of Firefox WebExtensions Srilaya Bhavaraju, Tara Smith, Benny Zhang srilayab, tsmith12, felicity Abstract With the deprecation of Legacy addons, Mozilla recently introduced the WebExtensions API for the development of Firefox browser extensions. WebExtensions was designed for cross-browser compatibility and in response to several issues in the legacy addon model. We performed a security analysis of the new WebExtensions model. The goal of this paper is to analyze how well WebExtensions responds to threats in the previous legacy model as well as identify any potential vulnerabilities in the new model. 1 Introduction Firefox release 57, otherwise known as Firefox Quantum, brings a large overhaul to the open-source web browser. Major changes with this release include the deprecation of its initial XUL/XPCOM/XBL extensions API to shift to its own WebExtensions API. This WebExtensions API is currently in use by both Google Chrome and Opera, but Firefox distinguishes itself with further restrictions and additional functionalities. Mozilla’s goals with the new extension API is to support cross-browser extension development, as well as offer greater security than the XPCOM API. Our goal in this paper is to analyze how well the WebExtensions model responds to the vulnerabilities present in legacy addons and discuss any potential vulnerabilities in the new model. We present the old security model of Firefox extensions and examine the new model by looking at the structure, permissions model, and extension review process. We then identify various threats and attacks that may occur or have occurred before moving onto recommendations.
    [Show full text]
  • Web Privacy Beyond Extensions
    Web Privacy Beyond Extensions: New Browsers Are Pursuing Deep Privacy Protections Peter Snyder <[email protected]> Privacy Researcher at Brave Software In a slide… • Web privacy is a mess. • Privacy activists and researchers are limited by the complexity of modern browsers. • New browser vendors are eager to work with activists to deploy their work. Outline 1. Background Extension focus in practical privacy tools 2. Present Privacy improvements require deep browser modifications 3. Next Steps Call to action, how to keep improving Outline 1. Background Extension focus in practical privacy tools 2. Present Privacy improvements require deep browser modifications 3. Next Steps Call to action, how to keep improving Browsers are Complicated uBlock PrivacyBadger Disconnect AdBlock Plus Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Extensions as a Compromise uBlock PrivacyBadger Disconnect AdBlock Plus Runtime Extensions modifications Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Privacy and Browser Extensions � • Successes! uBlock Origin, HTTPS Everywhere, Ghostery, Disconnect, Privacy Badger, EasyList / EasyPrivacy, etc… • Appealing Easy(er) to build, easy to share • Popular Hundreds of thousands of extensions, Millions of users Browser Extension Limitations � • Limited Capabilities Networking, request modification, rendering, layout, image processing, JS engine, etc… • Security and Privacy Possibly giving capabilities to malicious parties • Performance Limited to JS, secondary access Extensions vs Runtime uBlock PrivacyBadger Disconnect AdBlock Plus Runtime Extensions modifications Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Under Explored Space uBlock PrivacyBadger Disconnect ? AdBlock Plus Runtime Extensions modifications Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Outline 1. Background Extension focus in practical privacy tools 2.
    [Show full text]
  • Vidyo® Server for Webrtc Click to Collaborate
    Datasheet Vidyo® Server for WebRTC Click to Collaborate The Vidyo Server for WebRTC extends the Vidyo platform to include WebRTC capable browsers. Now join Vidyo conferences right from their web browser without any software installation. With a simple click-to-connect link, participants can enjoy up to HD video quality. The Vidyo Server for WebRTC is fully integrated with the Vidyo platform. This means participants joining through WebRTC can enjoy the interoperability delivered by the Vidyo platform including native Vidyo endpoints as well as third party H.323, SIP, and Microsoft® Skype for Business®. Deployed as a virtual machine, the Vidyo Server for WebRTC can be easily managed and scaled to meet demand. Concurrency is determined by flexible VidyoLine licenses that can float between native Vidyo endpoints and WebRTC clients as needed. Calls are secured through encryption using HTTPS, DTLS, and SRTP. Key Features Incredible User Experience Easy to Deploy & Manage • Native WebRTC support for plug-in free • Virtual server for easy deployment in your videoconferencing data center, colocation facility or in the cloud • Support for non-WebRTC browsers via • Dynamically scalable capacity based on VidyoWeb plug-in provisioned resources • Full two-way video communications on • Spin up new instances of Vidyo Server for ChromeBooks WebRTC to rapidly cluster and add capacity • Multipoint video layouts with up to 6 viewable • Simplify administration, configuration and participants maintenance with web-based interface • Click to connect ease of use • Secured media and signaling encryption • HD quality video and content • Automatic firewall and NAT traversal with ICE, • Share content with other participants* (Only TURN, and STUN support available on Chrome.
    [Show full text]
  • Installation Guide Brightware 8.1.4
    Brightware™ Installation Guide Version 8.1.4 Trademark, Copyright, and Patent Acknowledgements edocs is a trademark of edocs, Inc. Brightware is a registered trademark of edocs, Inc. Brightware Contact Center Suite, Answer, Concierge, and Converse are trademarks of edocs, Inc. Adobe and Acrobat are registered trademarks of Adobe Systems Incorporated Internet Explorer, Microsoft Data Access Components Software Development Kit, Microsoft Management Console, Microsoft Virtual Machine, Personal Web Server, SQL Server, SQL 2000, Windows, and Word are registered trademarks of Microsoft Corporation Java, JavaScript, Solaris, and JRE are trademarks of Sun Microsystems, Inc. Linux is a registered trademark of Linus Torvalds Netscape Navigator is a registered trademark of Netscape Communications Corporation Oracle is a registered trademark of Oracle Corporation Red Hat is a registered trademark of Red Hat, Inc. Visual C++ is a trademark of Microsoft Corporation WebLogic Server is a trademark of BEA Systems, Inc. WebSphere is a registered trademark of International Business Machines Corporation. This document, as well as the software described in it, is delivered under license and may be used or copied only in accordance with the terms of such license. The content in this document is delivered for informational use only, is believed accurate at time of publication, is subject to change without notice, and should not be construed as a commitment by edocs, Inc. edocs, Inc. assumes no responsibility or liability for any errors or inaccuracies that may appear in this document. The User of the edocs applications is subject to the terms and conditions of all license agreements signed by the licensee of this application.
    [Show full text]
  • Discovering and Analyzing Unlisted Chrome Extensions
    Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions Aidan Beggs and Alexandros Kapravelos North Carolina State University fawbeggs,[email protected] Abstract. With browsers being a ubiquitous, if not required, method to access the web, they represent a unique and universal threat vec- tor. Browsers can run third-party extensions virtually invisibly in the background after a quick install. In this paper, we explore the abuse of browser extensions that achieve installations via suspicious methods. We scan the web for links to extension installations by performing a web crawling of the Alexa top 10,000 websites with recursive sub-page depth of 4 and leverage other tools to search for artifacts in the source code of webpages. We discover pages that have links to both listed and un- listed extensions, many times pointing to multiple different extensions that share the same name. Using this data, we were able to find 1,097 unlisted browser extensions ranging from internal directory lookup tools to hidden Google Docs extensions that pose a serious threat to their 127 million users. Keywords: browser extensions · JavaScript · browser security 1 Introduction Although they run largely in the background, extensions can be quite useful to the end user. Performing everything from letting users manage their email, to helping people manage their banking and crypto accounts, to blocking inva- sive ads (one of their most popular uses), extensions can ease the web browsing experience for many users. Upon installation, extensions will request the user for various permissions [9], however, many users have been conditioned to click "accept" without careful analysis of the permissions they are granting [10].
    [Show full text]