Security

Hacking everything, by Chris Evans / scarybeasts

Friday, January 23, 2009

Bypassing syscall filtering technologies on Linux x86_64

For those interested in syscall filtering technologies, check out my latest advisory on how policies can be bypassed under certain circumsta...

Thursday, December 18, 2008

Opera, SVGs and Java applets

Opera 9.63 was just released with some security fixes . I reported one of these issues, but neither myself nor Tarquin (a super friendly and...

Wednesday, December 17, 2008

Firefox cross-domain text theft....

... and a reappearance of the "302 redirect trick". Here's the second bug from my PacSec presentation, and it's another Fi...

Monday, November 24, 2008

Cookie forcing

It's time to write some coherent details about "cookie forcing", which is the name I've given for a new way to attempt to ...

Friday, November 21, 2008

Owning the paranoid: browser background traffic

When I talk to a lot of security researchers or paranoid types, it's very common to hear them describe how they very carefully access th...

Tuesday, November 18, 2008

E4X and a Firefox XML injection bug

Up-front credit to my colleagues Filipe Almeida and Michal Zalewski who led the way in E4X security research. If you haven't heard of E4...

Monday, November 17, 2008

Firefox cross-domain image theft... and the "302 redirect trick"

Here's the first bug with full details from my PacSec presentation. It's fixed in the recent Firefox 2.0.0.18 update. Firefox 3 was ...

View web version

Powered by Blogger.