Description: Maybe you’ve heard it before - HTML 5 brings a whole slew of new features to web browsers, some of which can be a threat to security and privacy. But subtle interactions between the less explored corners of new browser features can have some unexpected and interesting side effects.
Traditionally, browser timing attacks involve cache or network timing. In this presentation, I’ll introduce a number of new techniques that perform timing attacks on graphics operations involving CSS and SVG to extract sensitive data from your browser. In my talk I will demonstrate cross-browser vulnerabilities against Chrome, Internet Explorer and Firefox that can be used to access your browsing history and read data from websites you’re logged into. I’ll also take a look at the difficulties involved in fixing these types of vulnerabilities.
For More Information please visit : - https://appsec.eu/
Tags: securitytube , hacking , hackers , information security , convention , computer security , OWASP-AppsecEU13 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.