I was surprised to discover the lack of information on this subject when I searched this topic on Google.
Of course, all the browsers' creators/vendors are worried about that, but their efforts are not yet coordinated, thus each browser has weaknesses/solutions.
For instance, regarding the XSS, CSRF, and malware-laced iframe attacks: Mozilla claims to have improved the security by releasing an add-on - Site Security Policy:
But even the "trusty", secure sites might not be what they look like. In theory, the hash could be copied and could collide.
(below, last paragraphs)
The comments on that article in the blog are interesting as well.
Last edited by Kor; 07-23-2008 at 02:29 AM.
the only thing you can do is validate the request on the server.
once you hand the page over to a client, you have no technical control over how it might be used. i prefer pasting into firebug's larger command line, a virtual console. bookmarklets are another example. greasemonkey is an automated way to do it.
i always tell people
Wow, thanks for all of the responses!
I understand the risks of XSS and CSRF and how to prevent them (or in the case of CSRF, "beef up" security to reduce the likelihood that they would occur). I was wondering about a different kind of attack (though it is not really an "attack"). The corny chat room example somewhat showed this type of injection. Here's another example:
the server for logging. After looking at the script, a malicious user could run your AJAX code
to send a score of 1,000,000 even if they earned only 5,000.
Last edited by shane.carr; 07-23-2008 at 05:59 PM.
security is an illusion.
for example: you could buy Medeco locks, an ADT alarm system, and what do those do to prevent someone driving a pickup truck through the bedroom wall and grabbing your wife in the middle of the night. Rather an extreme example, i don't mean to frighten.
Indeed your Medeco locks will keep the crackhead from walking off with your DVD collection. but they probably wouldn't stop a professional cat burglar. And what would they do to an ID thief who taps your landline and reads your mail? It's all a battle of wits and odds.
E-security is little different. you don't know who your attacker is, or what their skill level may be. you could devise a very clever system that encrypted everything, validated every bit, and someone would still find a flaw (if they wanted to put the time in).