C# in the Browser…what the…?

Tagged: , ,

Viewing 0 reply threads
  • Author
    Posts
    • #169314
      Michael J. Conway
      Participant

      Was just reading the MS blog and came across a post talking about running C# in the browser in a manner similar to JavaScript. For whatever reason, that kind of scares me. C# is a high-level language that can and does call various system DLLs. MS does say that the C# would run in the same security sandbox as JavaScript but a quick Google shows that that is not full proof.

      C# takes advantage of advantage of the newest capabilities of browsers, WebAssembly (WASM). Back in March, the Spectre vulnerabilities hit the open web and they were able to be used to exploit systems by being compiled into JavaScript. They too took advantage of WASM. While I think this is a cool development and C# offers more advanced security, it can also open a whole new attack vector.

      I, for one, will be eagerly awaiting the day we start hearing about C# browser exploits.

      https://msdn.microsoft.com/magazine/mt829752?MC=MSAzure&MC=DevOps&MC=Vstudio&MC=Testing&MC=CSHARP
      https://react-etc.net/entry/web-security-exploits-c-to-javascript-webassembly

Viewing 0 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?