What do you power users think?
http://www.wolframalpha.com/
I'd be interested to try the engine to see what all the fuss is about, but one of the Java Script sources is huge, and I have no clue if it's doing any unflagged data gathering, because the privacy statement is predictably vague about its visitors' voluntary giving up of information.
Moreover, the whole site claims it needs JS for functionality, not just the question engine.
Not really ready to trust it yet.
I could live without trying it, because that kind of plugin answer engine can only be dumb, but if anyone's got a spare minute to look at the JS sources...
WolframAlpha scripts safe to run?
WolframAlpha scripts safe to run?
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/9.04 (jaunty) Firefox/3.0.10
-
Alan Baxter
- Ambassador
- Posts: 1586
- Joined: Fri Mar 20, 2009 4:47 am
- Location: Colorado, USA
Re: WolframAlpha scripts safe to run?
I'll check it out. I doubt reading the source of its existing JS implementation will tell you anything which you should find reassuring. After all, it can be changed at any time. I'd say it couldn't be any worse than using various Google services, but I wouldn't assume it's any better, especially if the privacy statement is vague. Has a good rating on WOT and none on Site Advisor. Have you done a web search for any comments about it?
Edit: Looks like it might be a useful alternative to Google, Wikipedia, and Answers.com. I've just added it to my search bar with keyword "wolf".
Edit: Looks like it might be a useful alternative to Google, Wikipedia, and Answers.com. I've just added it to my search bar with keyword "wolf".
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10
Re: WolframAlpha scripts safe to run?
Hi NanM,
Analyzed the code there: jquery-1.3.2.min.js
I found that there is a possibility for an exploit here:
jquery-1.3.2.min.js can contains recognition pattern of JS/Dldr.Agent.Agr.1 java script virus.
The code on the site: http://www.wolframalpha.com//common/jav ... 3.2.min.js
index.js see: http://www.wolframalpha.com//common/jav ... 3.2.min.js
not something to show to the world and malcoders....
Apart from this, there was apparently no malicious injections or obfuscated script found,
luntrus
Analyzed the code there: jquery-1.3.2.min.js
I found that there is a possibility for an exploit here:
jquery-1.3.2.min.js can contains recognition pattern of JS/Dldr.Agent.Agr.1 java script virus.
The code on the site: http://www.wolframalpha.com//common/jav ... 3.2.min.js
index.js see: http://www.wolframalpha.com//common/jav ... 3.2.min.js
not something to show to the world and malcoders....
Apart from this, there was apparently no malicious injections or obfuscated script found,
luntrus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b5pre) Gecko/20090516 Shiretoko/3.5b5pre
Re: WolframAlpha scripts safe to run?
Thanks, Alan Baxter and luntrus.
The site manages its own scripts fairly well then, eh.
I wonder whether exploiters will be attracted to the site because of its introductory popularity?
How good is it to have NS .
I tried the engine on that evidence and I'm not all that impressed.
I'm also not impressed with the fancy extra light and sound calculations if the basic question doesn't get answered well.
Ending that OT right now and thanks again for your advice, gents.
Edited to remove OT personal data
The site manages its own scripts fairly well then, eh.
I wonder whether exploiters will be attracted to the site because of its introductory popularity?
How good is it to have NS .
I tried the engine on that evidence and I'm not all that impressed.
I'm also not impressed with the fancy extra light and sound calculations if the basic question doesn't get answered well.
Ending that OT right now and thanks again for your advice, gents.
Edited to remove OT personal data
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/9.04 (jaunty) Firefox/3.0.10
-
Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: WolframAlpha scripts safe to run?
@luntrus:
JQuery is a respectable and popular JavaScript library by John Resig (who's also a Mozilla employee).
The problem is that most site embeds it in its minified version (for bandwith reasons), which makes differential fingerprinting from malicious obfuscated code OMG
quite difficult.
JQuery is a respectable and popular JavaScript library by John Resig (who's also a Mozilla employee).
The problem is that most site embeds it in its minified version (for bandwith reasons), which makes differential fingerprinting from malicious obfuscated code OMG
quite difficult.Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)
Re: WolframAlpha scripts safe to run?
Well Giorgio Maone,
Here is a particular example of what you mentioned, and a devious one:
http://blog.fortinet.com/code-injection-from-within/
luntrus
Here is a particular example of what you mentioned, and a devious one:
http://blog.fortinet.com/code-injection-from-within/
luntrus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b5pre) Gecko/20090517 Shiretoko/3.5b5pre