HTML 5 is being developed to improve the look of websites, remove the need for Java and Flash plug-ins and bring the cloud to the browser. However, as with any new scripting language, its newness makes it attractive to cybercriminals.
Potentially, this could be quite dangerous. HTML 5 is more than a web language; it allows more data to be stored in the browser, making it easier for criminals to steal data.
Browsers have always stored relatively small amounts of data, limited mainly to website cookies. However, the fact that HTML 5 allows more data to be stored in the browser means that super-cookies can be created to track people's web behavior.
Some malware techniques have faded out of fashion because patches have been found for them, but HTML 5 opens the door to renewed exploitation.
A perfect example is click-jacking, which is a relatively simple malware technique, used to persuade users to click on a link through a pop-up box. With previous web standards, developers could create code to prevent click-jacking.
Because HTML 5 hides a lot of this detail from software writers, it makes it harder to distinguish between good and bad websites. This type of wall hampers a developer's ability to write secure code.
Copyright 2011 dzine it, Inc. website programming All rights reserved. This material may not be published, broadcast, rewritten or redistributed.