deian
- Karma
- 23
- Created
- October 13, 2014 (11y ago)
- Submissions
- 0
Ass. Prof at UCSD (Fall 2016). Chief Scientist at GitStar.
If you want to hack on compilers, run-time systems, or securing Node.js contact me (see how: http://deian.org).
[ my public key: https://keybase.io/deian; my proof: https://keybase.io/deian/sigs/qJGyCaj7fvHQK977LrsMDAdUHgt_G1hWRBenW0sbK6E ]
It is doable, but it's hard to make it fast on all platform. See the SegmentZero32 description in <https://cseweb.ucsd.edu/~dstefan/pubs/kolosick:2022:isolatio...> for an example prototype.
Yep, isolated worlds is definitely what we want, and part of the inspiration for the particular (DOM modification) feature we proposed. I think CSP helps with 1 & 2, unless I'm missing something? (Our labels map down to…
"Unfortunately, since the entire point of it is to protect against malicious leaks..." That's actually not the entire point. At least in this paper, we do not claim to address attacks that leverage covert channels. But…
Rather than reply individually to the messages from this thread, I'm going to try to clarify some things here. I think a lot of good points were brought up both with regards to the "taint" mechanism and timing covert…
Right, minimizing attack surface is pretty important. Though the described attack scenario (a form of self-exfiltration attacks [1]) is something we did think about. (The details of the core IFC mechanism are describe…
Even worse, they only update if they don't need any additional permissions. Thus incentivizing developers to ask for more permissions up front.
"I believe that concerns like this are why Apple will introduce the "content blocking" extensions in iOS 9 and OS X 10.11. They enable the most popular types of extension (ad blocking and privacy protection) without…
"Do you mean that you'll compare the network requests made from the main and the shadow pages?" Essentially, yes. Requests from the extension should be treated as if they are of an origin different from the page. (We…
That's a tricky question. Some extension (e.g., HTTPS Everywhere[1]) can improve your privacy on the Web and are arguably written by developers that as trustworthy as your browser developers. But, in general, I would be…
Yep, you are right. If the crypto/label API didn't force a fixed-length blob (which may be hard to do), it would certainly be leaking some information.
Very good points. We proposed a way to deal with DOM manipulation in the paper [1], but Stefan omitted this in the blog post. Specifically, Section 4 of the paper (the "Page access" paragraph) briefly describes this.…