[kwlug-disc] DuckDuckGo.com -- an alternate search engine
Johnny Ferguson
hyperflexed at gmail.com
Thu Jul 29 16:36:34 EDT 2010
On 07/28/2010 11:12 AM, Fernando Duran wrote:
>
>
> ----- Original Message ----
>> From: Eric Gerlach<eric+kwlug at gerlach.ca>
> ...
>>
>> Attack #1: Using existing logins
>>
>> - You're logged into a site you care about (let's say your bank, or
>> launchpad)
>> - Malicious Javascript looks through your history (yes, it can do this)
>> to find recently visited sites that it knows about
>
>
> Just tooting my own horn: detecting browser's history is very easy to do, we
> implemented it in http://watsec.com/myip
>
How is this accomplished? I'm rather disgusted that enabling js can let
people know who my bank is.
-Johnny
> Cheers,
>
> Fernando
> http://fduran.com
>
>
>
>
>
> _______________________________________________
> kwlug-disc_kwlug.org mailing list
> kwlug-disc_kwlug.org at kwlug.org
> http://astoria.ccjclearline.com/mailman/listinfo/kwlug-disc_kwlug.org
More information about the kwlug-disc
mailing list