March 21, 2014

Could Your HTML5 Site or App Defend Itself Against Attacks?

It’s enough to make web and mobile developers shiver with excitement—the ability to code an application that can defend itself from malevolent hackers and bots. Portugal-based web security company JScrambler is on a mission to make that a reality with its updated release, JScrambler 3.5.

The app protection service is designed to bring self-defending capabilities to web and mobile applications based on HTML5 and JavaScript technologies. Because HTML5 and JavaScript are readable, it’s easy for others to copy it, reuse it, hack it or insert malware.

“The fact that these applications are delivered in clear text puts tampering on top of IT security manager’s concerns,” the company wrote in a recent blog on its website.

The solution is JavaScript obfuscation, which scrambles the original code automatically into an incomprehensible form to a human while maintaining the original functionality of the code. JScrambler uses the obfuscation technique, but also installs traps throughout the code to enforce the license agreement, to prevent tampering and debugging of the code and to exert control if the code is being executed in the expected environment.

“JScrambler is the first solution to introduce self-defending capabilities to HTML5/JavaScript applications, including mobile,” said Pedro Fortuna, JScrambler's CTO. “The application developer submits its code, we process it automatically by transforming the original code and adding logic that makes the application detect tamper attempts, breaking down on purpose, to mitigate the attacks.”

The updated release of JScrambler also includes the ability to lock your code to a certain browser or platform, and a feature that allows the developer to include in the code JavaScript comments that tell JScrambler to behave differently in certain blocks of code, according to the company.

JScrambler 3.5 reportedly can protect JavaScript libraries, including Node.js, jQuery, Boostrap and web gaming frameworks.

“We're placing bets on various technologies that have potential to disrupt multiple industries,” said Ben Chong, CEO of MarketJS, a HTML5 gaming platform. “HTML5 plus JavaScript, when applied to gaming allow us to quickly penetrate a good number of mobile platforms. JScrambler provides the security, and they do it extremely well.”

Edited by Cassandra Tucker


HTML 5 Demos and Examples

HTML 5 experimentation and demos I've hacked together. Click on the browser support icon or the technology tag to filter the demos.... Learn More

HTML5 GAMES is the largest and most comprehensive directory of HTML5 games on the internet... Learn More

The HTML5 test

How well does your browser support HTML5?... Learn More

Working Draft (WHATWG)

This is the Editor’s Draft from WHATWG. You can use it online or print the available PDF version... Learn More

HTML5 Flip Book

Free jQuery and HTML5 flip book maker for PDF to online page turning book conversion... Learn More