Practical Side Channel Attacks on Modern Browsers - Lecture 6
Offered By: YouTube
Course Description
Overview
Explore practical side channel attacks on modern browsers in this 58-minute conference talk by Angelo Prado at Takedowncon Rocketcity 2014. Delve into various injection attacks, privilege escalation techniques, and denial of service methods. Learn about browser XSS filters, timing attacks, clipboard vulnerabilities, and login & history side channels. Examine timing with heavy queries, requestAnimation Frame Timing, and the use of Flash as a side channel. Discover the potential security risks associated with the Data URI scheme and gain insights into protecting against these sophisticated browser-based attacks.
Syllabus
Intro
Spain Is A Beautiful Country
Internationally-Recognized
Different Injection Attacks
Privilege Escalation
And of course, Denial of Service
BROWSER XSS FILTERS
BROWSER TIMING ATTACKS
BROWSER CLIPBOARD ATTACKS
PRETTY PURPLE COLORS
LOGIN & HISTORY SIDE CHANNELS
TIMING WITH HEAVY QUERIES
requestAnimation Frame Timing
FLASH AS A SIDE CHANNEL
DATA URI SCHEME
Related Courses
Hardware SecurityUniversity of Maryland, College Park via Coursera Cryptography and Information Theory
University of Colorado System via Coursera Introduction to Software Side Channels and Mitigations
Graz University of Technology via edX Side-Channel Security: Developing a Side-Channel Mindset
Graz University of Technology via edX Physical and Advanced Side-Channel Attacks
Graz University of Technology via edX