The IT Law Wiki
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cell phone
RFID tag
Fair Information Practice Principles
Cyberspace
Wireless network
Unmanned maritime system
Newly Changed Pages
Pornography
Message modification
Privacy Act of 1974
Cyberattack
Windows Media Player
Beats per minute
Website operator
Most Popular Pages
community
Community portal
forum
FANDOM
Fan Central
BETA
Games
Anime
Movies
TV
Video
Wikis
Explore Wikis
Community Central
Start a Wiki
Don't have an account?
Register
Sign In
FANDOM
Explore
Current Wiki
Start a Wiki
Don't have an account?
Register
Sign In
Sign In
Register
The IT Law Wiki
34,538
pages
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cell phone
RFID tag
Fair Information Practice Principles
Cyberspace
Wireless network
Unmanned maritime system
Newly Changed Pages
Pornography
Message modification
Privacy Act of 1974
Cyberattack
Windows Media Player
Beats per minute
Website operator
Most Popular Pages
community
Community portal
forum
Editing
Mobile code
Back to page
Edit
Edit source
View history
Talk (0)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Definitions == '''Mobile code''' is {{Quote|[[software]] that is [[transmit]]ted from a [[remote system]] to be [[execute]]d on a local [[system]], typically without the [[user]]'s explicit instruction.<ref>''See'' [[NIST Special Publication 800-28]].</ref>}} {{Quote|[[software program]]s or parts of [[program]]s obtained from [[remote]] [[information system]]s, [[transmit]]ted across a [[network]], and [[execute]]d on a local [[information system]] without explicit [[installation]] or [[execution]] by the recipient.<ref>[[NIST Special Publication 800-18]], at 35.</ref>}} {{Quote|[a] [[program]] (e.g., [[script]], [[macro]], or other portable instruction) that can be shipped unchanged to a heterogeneous collection of [[platform]]s and executed with identical semantics.<ref>[[Framework for Improving Critical Infrastructure Cybersecurity]], Version 1.1, App. B, at 46.</ref>}} == Overview == Mobile code has become a popular way of writing [[program]]s that can be used by many different [[operating system]]s and [[application]]s, such as [[Web browser]]s and [[e-mail client]]s. Although mobile code is typically benign, [[attacker]]s have learned that [[malicious]] mobile code can be an effective way of [[attack]]ing [[system]]s, as well as a good mechanism for [[transmit]]ting [[virus]]es, [[worm]]s, and [[Trojan horse]]s to [[user]]s' [[workstation]]s. == Malicious mobile code == Malicious mobile code {{Quote|is software that is [[transmit]]ted from a [[remote computer]] to be [[run]] on the local [[computer]] for malicious purposes, typically without the [[user]]βs explicit instruction or [[knowledge]].<ref>[[NIST Special Publication 800-69]], at 3-22 n.45.</ref>}} Malicious mobile code differs significantly from [[virus]]es and [[worm]]s in that it does not [[infect]] [[file]]s or attempt to propagate itself. Instead of [[exploit]]ing particular [[vulnerabilities]], it often affects [[system]]s by taking advantage of the [[default privilege]]s granted to mobile code. Popular [[language]]s for malicious mobile code include [[Java]], [[ActiveX]], [[JavaScript]], and [[VBScript]]. One of the best-known examples of [[malicious]] mobile code is [[Nimda]], which used [[JavaScript]]. == Security measures == [[Application]]s such as [[Web browser]]s and [[e-mail client]]s can be [[configure]]d to permit only the required forms of mobile code (e.g., [[JavaScript]], [[ActiveX]], [[Java]]) and to run mobile code only from particular locations (i.e., internal [[website]]s only). This can be effective at stopping some instances of [[malicious]] mobile code, but may also impact the [[functionality]] of benign [[website]]s. [[Web content filtering software]] can also be deployed to [[monitor]] [[Web]]-related [[network]] activity and block certain types of mobile code from untrusted locations. == References == <references /> == See also == * [[Mobile code technologies]] [[Category:Software]] [[Category:Security]] [[Category:Definition]]
Summary:
Please note that all contributions to the The IT Law Wiki are considered to be released under the CC-BY-SA
Cancel
Editing help
(opens in new window)
Template used on this page:
Template:Quote
(
view source
)
Follow on IG
TikTok
Join Fan Lab