|
Title: Hacking protonmail - with a browser Post by: herzmeister on July 07, 2014, 04:24:17 PM Hacking protonmail - with a browser
http://vimeo.com/99599725 /cc all those fancy HTML5-Javascript-wallets out there (blockchain.info, Ripple, etc) Title: Re: Hacking protonmail - with a browser Post by: Sukrim on July 07, 2014, 06:11:30 PM So because they don't escape < > characters in their webmail client makes blockchain.info or Ripple-client vulnerable to something similar?! ???
Title: Re: Hacking protonmail - with a browser Post by: yayayo on July 07, 2014, 06:33:34 PM Hacking protonmail - with a browser http://vimeo.com/99599725 /cc all those fancy HTML5-Javascript-wallets out there (blockchain.info, Ripple, etc) I use a very simple heuristic that saved me from a lot of trouble: Scripted websites are unsuitable for security applications - don't use them for anything sensible. These days every idiotic page requires scripting for useless effects - often you can't even view simple text without scripting enabled... i cannot express how much I hate this! Scripting is a disease. ya.ya.yo! |