HTML based portscanning - who needs Javascript?
Most of us are used to disabling scripting in our browsers, and a lost of security folks use the Firefox NoScript applet. Jeremiah Grossman's recent experiments with CSS based port scanning are interesting, and others are delving into the possibilities based on his original post. When you can pull browser histories without scripting, you have a whole new set of issues, and if this can be made to be cross domain, then we will need a whole new set of security techniques to protect our browsers. For now, be aware that browsing to a hostile site could mean that you are revealing more information than you may think that you are.
1 comment:
"For now, be aware that browsing to a hostile site could mean that you are revealing more information than you may think that you are."
It's worse than that though. Browsing any site could allow this information to be leaked. First, there are thousands of websites out there with cross-site scripting vulnerabilities through which these sorts of attacks could be carried out. Second, I can imagine that there are websites out there that would happily employ these techniques to glean as much marketing information as possible about their visitors. Is that hostile? Certainly it is, but until you know its happened, the website isn't hostile to you.
One day we will have to all face the facts that the web, from a security standpoint, is broken.
Post a Comment