Stealing With Style - Using CSS to Exploit ProtonMail & Friends

Explore critical vulnerabilities discovered in privacy-oriented webmail providers like ProtonMail, Tutanota, and Skiff in this 40-minute Black Hat conference talk. Delve into the technical details of how CSS can be exploited to compromise end-to-end encryption, potentially allowing attackers to steal emails, impersonate victims, and even execute remote code. Gain insights into the security challenges faced by platforms designed to protect high-risk users such as journalists, whistleblowers, and political activists. Learn about the importance of client-side security in maintaining the integrity of encrypted communications and the potential consequences when vulnerabilities are present in seemingly secure systems.

Stealing With Style: Using CSS to Exploit ProtonMail & Friends