[talk] Browser Abuse.
Isaac (.ike) Levy
ike at blackskyresearch.net
Tue Oct 11 12:29:45 EDT 2016
Hi Suit,
> On Oct 8, 2016, at 12:14 PM, Sujit K M <kmsujit at gmail.com> wrote:
>
> Hi All,
>
> I had a simple question for all, If you look at an web browser what are the
> sort of abuses it still cannot handle.
>
> For one, I find Ajax has a lot of security concerns regarding the pace at which
> it does transactions. Any Ideas?
>
> Regards,
> Sujit K M
Sorry there was no good response here on this, but I think browser abuses are something which folks around NYC*BUG aren’t too engaged in tracking- it’s been a disaster since JS et. al. were invented… I mean, who thought that running arbitrary code from an untrusted source on the internet, from simply navigating to some site, was ever a good idea? :)
With that, there are many OS facilities which attempt restricting/sandboxing running processes- with more and less fuss. (FreeBSD has facilities like jail(2) and capsicum(4), OpenBSD has pledge(2), etc…)
Is there a specific applied security case you are trying to handle?
Best,
.ike
More information about the talk
mailing list