Lycos Asia escapes search engine bug
Last week, Computerwire.com reported that Lycos' search engine could cause PCs to crash because of the way it renders HTML (Hypertext Markup Language) in its search results.
According to the report, when a Web site uses the ampersand sign (&) to annotate a HTML tag compared with a normal tag, the search function renders this as if it was HTML rather than text. This manner of rendering launches JavaScript from the results page without the surfer's knowledge.
Worse, the bug allows malicious hackers to develop JavaScript that can be executed through Lycos' (search) result page.
Should a Lycos user look for a term that pulls out Web sites encoded with these JavaScripts, this action could--depending on the script--cause numerous Internet browsers to pop up on the user's screen, or in a severe case, cause the PC to crash.
When contacted last week, US-based Terra Lycos director of Engineering Steven Chartier said via email: "This is being treated with the appropriate urgency. Neither Terra Lycos nor its joint ventures are at significant risk due to this problem."
Chartier however failed to reveal further details on how Lycos fell prey to the bug. He also declined to say how many surfers were affected.
Meanwhile, at home, Lycos Asia said the system hitch left it untouched. Adrian Lee, its director of Product Management, said: "Lycos Asia's search engine (which is similar to that used by Terra Lycos) is not affected."
Both companies use search engines developed by developed by Norway-based Fast Search & Transfer ASA (FAST), whose other customers include IBM, Dell, Ericsson and Germany-based Web.de.