Pixel Perfect Timing Attacks Pose Risk for New Generation of Browsers
Context presents dangerous side effects of new browser features yesterday at Black Hat USA 2013
1 August 2013: At Black Hat 2013 in Las Vegas yesterday, Paul Stone, a senior consultant at Context Information Security presented details of new vulnerabilities and threats to security and privacy as a result of HTML 5 features in the latest generation of web browsers. His talk entitled, Pixel Perfect Timing Attacks with HTML 5, showed how cross-browser vulnerabilities in Chrome, Internet Explorer and Firefox can be used to access browsing histories and read data from websites after visitors have logged in. A detailed White Paper has also been published today and is available online at http://contextis.co.uk/research/white-papers/pixel-perfect-timing-attacks-html5/
While traditional browser timing attacks involve cache or network timing, it is now possible to use a number of new techniques that perform timing attacks on graphics operations involving CSS and SVG to extract sensitive data from your browser including your browsing history or text from other browser sessions. In effect, hackers can use timing information to read pixels from web pages, allowing them to tell which links have been visited and to read text from other websites.
“While HTML 5 offers developers a range of new features such as improved animation and graphics support, some of these new capabilities have some unexpected side effects with privacy and security implications,” says Context’s Paul Stone.
Context alerted browser vendors as soon as it discovered the vulnerabilities and they are investigating ways in which the timing attacks can be prevented. “Users concerned about these vulnerabilities can mitigate the risks by regularly clearing their browsing history or using private browsing windows to separate their browsing sessions,” adds Stone.
About Context
Context was launched in 1998 and has a client base that includes some of the world’s most high profile blue chip companies, alongside government organisations. An exceptional level of technical expertise underpins all Context services, while a detailed and comprehensive approach helps clients to attain a deeper understanding of security vulnerabilities, threats or incidents. Many of the world’s most successful organisations turn to Context for technical assurance, incident response and investigation services. Context is also at the forefront of research and development in security technology.
As well as publishing white papers and blogs addressing current and emerging security threats and trends, Context consultants are frequently invited to present at open and closed industry events around the world. Context delivers a comprehensive portfolio of advanced technical services and with offices in the UK, Germany and Australia, is ideally placed to work with clients worldwide.
