• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Bad Sites   »   HTML5 – The Good

HTML5 – The Good

  • Posted on:November 28, 2011 at 5:09 am
  • Posted in:Bad Sites
  • Author:
    Robert McArdle (Senior Threat Researcher)
4

This post is the first of a 3-part series of blog entries on HTML5

HTML5 is the fifth revision of the language that makes the web work, and this Wednesday we will be releasing a paper detailing some of the new attacks that are made possible by this technology. Over the next three days we’ll be looking at the Good, the Bad and the downright Ugly of what HTML5 adds to the web, and to the arsenal of cybercriminals.

First up – HTML5 (and its associated APIs) is not an upgrade like you may be familiar with when it comes to software – it’s actually a whole lot of individual features, each with differing browser support. There is a good Wikipedia article that shows which features are currently implemented. For me there are very many fantastic features in HTML5, but five of them really stand out – and I think these will really change how we interact with the web.

  1. New graphics libraries: HTML5 introduces the Canvas and WebGL libraries which allow for more feature-rich websites. There are some great demos up on this page . In particular, I think the WebGL library is a game changer – just look at how well the graphics work in this port of the famous Quake II game – now entirely coded in HTML5. For me, that opens up a whole new generation of how games will be played in the future.
  2. Easier multimedia content: If you have ever designed a site that included audio and video content you will know that it has always felt a bit clunky, and will normally require a bunch of <object> and <embed>  tags along with some flash to get things to work. Not anymore however – HTML5 introduces the very easy to use <video> and <audio> tags, making it simpler than ever to include multimedia content on your site. Support is so good that YouTube is already in the process of moving over to using HTML5
  3. Geolocation: People are accessing the Internet less and less from desktop machines, and even laptops. Today, a lot of people surf the web from handheld mobile devices such as smart-phones and tablets. The mobile nature of today’s web browsing, combined with the new Geolocation feature in HTML5 opens up a wealth of new possibilities. Knowing exactly where someone is when they access your site can help you personalize content for them to match their local surroundings. Imagine a hiking program whose default homepage allows you to plan trips if it sees you are accessing it from a built up area, but defaults to the interactive maps page if you are out in the countryside.
  4. Drag & Drop: This one is really subtle, but very important – Drag & Drop allows you to drag content from your browser directly onto your computer and from your computer to the browser. Doesn’t sound like a game changer really, does it? Well, check out this demo and then think what this means for a site like Facebook. Think about when you arrive back from your holidays and can simply select all of your holiday pics, drop them into the browser and instantly share them with your friends on the social network. Now that’s how I want to interact with the web!
  5. Web Notifications: Web Notifications are small pop-ups that appear outside of the browser windows itself, allowing users to interact with a site even if they are not currently looking at it. Currently these only work with the Google Chrome browser, and you can check out a demo of them. These notifications are perfect for mail alerts, social networks updates, Twitter, and a wide variety of other services. Along with Drag & Drop this feature really blurs the line between offline and online applications.

Those are just a taste of the fantastic new possibilities of HTML5, but there are many other demos out there on the web which are definitely worth a look. However just like powerful abilities in superhero movies, these features can be a double-edged sword.

Tomorrow, in the second part of the blog series, we will look at the Bad side of HTML5. Watch this space…

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»

Featured Stories

  • systemd Vulnerability Leads to Denial of Service on Linux
  • qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware
  • Mitigating CVE-2017-5689, an Intel Management Engine Vulnerability
  • A Closer Look at North Korea’s Internet
  • From Cybercrime to Cyberpropaganda

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire
  • Windows App Runs on Mac, Downloads Info Stealer and Adware
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures

Popular Posts

  • Going In-depth with Emotet: Multilayer Operating Mechanisms
  • February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
  • Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.