I am currently on a project that is extremely high security, and I can not get over how they handle site applications .

Everything I have been exposed to so far, uses Internet Explorer to connect to several different remote hosts on the internet for information - who's interface is pure JavaScript !

I asked the a site cyber security officer ( yes that is their job title ) why they do it that way, and he responded that it was recommended by a "cyber security" expert.

I can not say exactly what I am working on, but let's just say it is very security sensitive !

what do you mean by pure javascript, as in something like:

   if(inputPassword=="mypassword")

type of security on the webpage?

what do you mean by pure javascript, as in something like:

   if(inputPassword=="mypassword")

type of security on the webpage?

If i even attempted to look at the source code I'd be fired and arrested ( no joke ).

The back end may be PHP / SQL, however the applications present quite a few glitches and bugs, indicating not-so-good programming practices.

Security through obscurity FTW!

I just found out today they have virtually their entire personnel security network hooked up to IE ...

Would it have killed them to create a custom "high security" program with C++ to communicate with remote servers ?!

The language doesn't matter. The techniques used do.

hmmm, using a browser that does not update itself in those days is the incredible security. This browser can be any secure as MS argues, but, in case of a fault detection, that happens every day, it will just start happily and do nothing, while some browsers, if run in high security mode, will not run untill fix for an issue comes ready to deploy. Also, IE has a habit of not being compatible with older windowses, doing miracles in kernel, so if it halts up, all you can do is switch off computer. Terrible software

what do you mean by pure javascript, as in something like:

   if(inputPassword=="mypassword")

type of security on the webpage?

If i even attempted to look at the source code I'd be fired and arrested ( no joke ).

o man, i can't believe i missed this. That's a hilarious detorrent. If your security policy includes "click this button and your fired" their are some serious problems with the company.