WolframAlpha scripts safe to run?

General discussion about the NoScript extension for Firefox
Nan M
Ambassador
Posts: 102
Joined: Thu Mar 19, 2009 12:44 pm

WolframAlpha scripts safe to run?

Post by Nan M » Sat May 16, 2009 6:07 pm

What do you power users think?
http://www.wolframalpha.com/
I'd be interested to try the engine to see what all the fuss is about, but one of the JavaScript sources is huge, and I have no clue if it's doing any unflagged data gathering, because the privacy statement is predictably vague about its visitors' voluntary giving up of information.
Moreover, the whole site claims it needs JS for functionality, not just the question engine.
Not really ready to trust it yet.

I could live without trying it, because that kind of plugin answer engine can only be dumb, but if anyone's got a spare minute to look at the JS sources...
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/9.04 (jaunty) Firefox/3.0.10

Alan Baxter
Ambassador
Posts: 1586
Joined: Fri Mar 20, 2009 4:47 am
Location: Colorado, USA

Re: WolframAlpha scripts safe to run?

Post by Alan Baxter » Sat May 16, 2009 7:14 pm

I'll check it out. I doubt reading the source of its existing JS implementation will tell you anything which you should find reassuring. After all, it can be changed at any time. I'd say it couldn't be any worse than using various Google services, but I wouldn't assume it's any better, especially if the privacy statement is vague. Has a good rating on WOT and none on Site Advisor. Have you done a web search for any comments about it?

Edit: Looks like it might be a useful alternative to Google, Wikipedia, and Answers.com. I've just added it to my search bar with keyword "wolf".
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10

luntrus
Senior Member
Posts: 237
Joined: Sat Mar 21, 2009 6:29 pm

Re: WolframAlpha scripts safe to run?

Post by luntrus » Sat May 16, 2009 10:56 pm

Hi NanM,

Analyzed the code there: jquery-1.3.2.min.js
I found that there is a possibility for an exploit here:

jquery-1.3.2.min.js can contain recognition pattern of JS/Dldr.Agent.Agr.1 JavaScript virus.

The code on the site: http://www.wolframalpha.com//common/jav ... 3.2.min.js

index.js see: http://www.wolframalpha.com//common/jav ... 3.2.min.js
not something to show to the world and malcoders....

Apart from this, there were apparently no malicious injections or obfuscated script found.

luntrus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b5pre) Gecko/20090516 Shiretoko/3.5b5pre

Nan M
Ambassador
Posts: 102
Joined: Thu Mar 19, 2009 12:44 pm

Re: WolframAlpha scripts safe to run?

Post by Nan M » Sun May 17, 2009 5:27 am

Thanks, Alan Baxter and luntrus.

The site manages its own scripts fairly well then, eh.
I wonder whether exploiters will be attracted to the site because of its introductory popularity?
How good is it to have NS.
I tried the engine on that evidence and I'm not all that impressed.
I'm also not impressed with the fancy extra light and sound calculations if the basic question doesn't get answered well.

Ending that OT right now and thanks again for your advice, gents.

Edited to remove OT personal data
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/9.04 (jaunty) Firefox/3.0.10

Giorgio Maone
Site Admin
Posts: 8934
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy

Re: WolframAlpha scripts safe to run?

Post by Giorgio Maone » Sun May 17, 2009 9:31 am

@luntrus:
JQuery is a respectable and popular JavaScript library by John Resig (who's also a Mozilla employee).
The problem is that most sites embed it in its minified version (for bandwidth reasons), which makes differential fingerprinting from malicious obfuscated code OMG :shock: quite difficult.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)

luntrus
Senior Member
Posts: 237
Joined: Sat Mar 21, 2009 6:29 pm

Re: WolframAlpha scripts safe to run?

Post by luntrus » Sun May 17, 2009 4:26 pm

Well Giorgio Maone,

Here is a particular example of what you mentioned, and a devious one:
http://blog.fortinet.com/code-injection-from-within/

luntrus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b5pre) Gecko/20090517 Shiretoko/3.5b5pre
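
Two points in this thread, that a script "can be changed at any time" and that pattern-based fingerprinting struggles to tell a minified library from malicious obfuscated code, are both addressed by a byte-exact digest comparison against a copy you have vetted. The following is an added example, not code from any poster in the thread; the function names, the script bodies and the pinned list are constructed for illustration, and it assumes Node.js.

```javascript
// Added example: every name, script body and pinned value here is constructed.
const { createHash } = require('node:crypto');

// SRI-style digest: "sha384-" + base64(SHA-384 of the exact bytes served).
function sriDigest(body) {
  return 'sha384-' + createHash('sha384').update(Buffer.from(body, 'utf8')).digest('base64');
}

// Constructed stand-in for a minified release fetched from the library's
// own site and reviewed once. It is NOT the real jQuery source.
const RELEASE_BODY = '(function(){var l=this,g;l.lib=function(E){return E}})();';

// Pin recorded from the trusted copy: digest plus size, keyed by file name.
const PINNED = new Map([
  ['jquery-1.3.2.min.js', {
    digest: sriDigest(RELEASE_BODY),
    size: Buffer.byteLength(RELEASE_BODY, 'utf8'),
  }],
]);

// Compare what a site actually served against the pin for that file name.
function checkScript(name, servedBody) {
  const pin = PINNED.get(name);
  if (pin === undefined) {
    // No trusted copy on record: the digest says nothing either way.
    return { name, verdict: 'unknown', reason: 'no pinned digest for this file' };
  }
  const actual = sriDigest(servedBody);
  if (actual === pin.digest) return { name, verdict: 'match', actual };
  // A single changed byte changes the digest; the size delta is a triage hint
  // (a positive delta means something was added to the vetted file).
  const sizeDelta = Buffer.byteLength(servedBody, 'utf8') - pin.size;
  return { name, verdict: 'modified', expected: pin.digest, actual, sizeDelta };
}

// Constructed samples: the vetted bytes, the same file with a statement
// appended, and a file for which no pin exists.
const SAMPLES = [
  ['jquery-1.3.2.min.js', RELEASE_BODY],
  ['jquery-1.3.2.min.js', RELEASE_BODY + ';var x=1;'],
  ['index.js', 'var y=2;'],
];
for (const [name, body] of SAMPLES) {
  const result = checkScript(name, body);
  console.log(name, result.verdict, result.sizeDelta ?? '');
}
```

A "match" only says the served bytes equal the copy you pinned; whether that copy is trustworthy is a separate review, and "unknown" files such as a site's own scripts get no assurance from this check.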
