random dross

Web security and beyond...

August, 2007

  • random dross

    An innovative new defense against cross-domain vulnerabilities

    Cross-domain (or “Universal XSS”) vulnerabilities have long plagued modern script-enabled web browsers. Shuo Chen of Microsoft Research has developed a new type of defense against these vulnerabilities. A paper on this new approach has been accepted to...
  • random dross

    Pinning / Rebinding / Quick-Swap DNS Links

    A group at Stanford has been researching these issues and recently published Protecting Browsers from DNS Rebinding Attacks . Also, Dan Kaminski has published his slides from Blackhat 2007, Black Ops 2007: Design Reviewing The Web .
Page 1 of 1 (2 items)