Every Link You Click is Dangerous

The truth is that some things will never get picked up by the community unless you really start bragging about them. Repetition is a key element.

Obviously not an extremely devastating vulnerability but the issue, which I have reported here and also logged in Mozilla’s bugzilla 3 months ago, is still present and works quite well. This is yet another design bug which abuses the way browsers work rather than exploit a vulnerability within the software.

The issue is quite simple. [...]

posted by pdp

Google Chrome Options

The stuff I am about to discuss is not a big deal but we should keep it in mind.

If you haven’t noticed yet, Google Chrome supports a bunch of command line options. You can get a listing of all command line options from chrome_switches.cc. Obviously, some of them look quite powerful. Is that a concern? Well, IMHO, I think so but there is no reason to panic just yet.

Why is this a concern? I will put it this way. [...]

posted by pdp

Black Hat Las Vegas Baby

So, Black Hat is next week. Great! I will be happy to see you all there. You may even join me on the 6th at 13:45 – the Client-side Security talk. The details of my talk are here, which btw is the improved version of what I have over here.

I am still working on my slides, trying to add that edge-ness I am always striving to achieve combined with a severe dose of simplicity. Don’t you know? Simple is the new black.

This time around I am visiting the conference as a tourist. [...]

posted by pdp
