JavaScript vs. Java

JavaScript and Java are similar in some ways but fundamentally different in some others. The JavaScript language resembles Java but does not have Java’s static typing and strong type checking. JavaScript follows most Java expression syntax, naming conventions and basic control-flow constructs which was the reason why it was renamed from LiveScript to JavaScript. In contrast to Java’s compile-time system of classes built by declarations, JavaScript supports a runtime system based on a small number of data types representing numeric, Boolean, and string values. JavaScript has a prototype-based object model instead of the more common class-based object model. The prototype-based model provides dynamic inheritance; that is, what is inherited can vary for individual objects. JavaScript also supports functions without any special declarative requirements. Functions can be properties of objects, executing as loosely typed methods. JavaScript is a very free-form language compared to Java. You do not have to declare all variables, classes, and methods. You do not have to be concerned with whether methods are public, private, or protected, and you do not have to implement interfaces. Variables, parameters, and function return types are not explicitly typed. Java is a class-based programming language designed for fast execution and type safety….

Spam with a malicious taste (update)

This post appeared originally in: IT Security blog:   I haven’t seen in a while a well done complex spam with malicious payload. This one appears to be addressed to first name of the email recipient. As you can see in the subject, it is addressed to “SORIN” since my email address is sorin.mustaca@… The spam contains a nice piece of social engineering which creates enough curiosity to the reader to open the attached archive.   The archive is called “Notice_to_appear_in_court_<random number>.zip. The only file in the archive is a JavaScript file extremely obfuscated : Notice_to_Appear_000483082.doc.js. First of all, I asked myself why a ZIP with a JS in it? ZIP is natively supported by Windows Explorer. If you have a ZIP archive, it will be automatically opened as a folder and you can execute any file in it. JS is executed by the Windows Script host without any HTML page to interpret it. Smart, I have to agree. Now,there are some things which ruined my amazement of this spam after I executed it in a VM.   It doesn’t work… 🙂   Apparently, due to a programming error a function is called recursively without any limit. I didn’t spend any time…

%d bloggers like this: