Tweets
-
#RSAC registration page sends 1 POST per password keystroke. Way to make side channel attacks easier on the most sensitive data you can get. -
.
@freddyb made a nice catch on what could be potential CSP bypass with HTML imports http://lists.w3.org/Archives/Public/public-webapps/2014JanMar/0026.html … -
@freddyb cheer up! it lost the browser war years ago. -
@freddyb@0x6d6172696f you guys checked that proxy for leaks? usually html5 video -
You know who rocks?
@gynvael and@j00ru - they fuzzed FFmpeg during last two YEARS and found 1120 bugs http://googleonlinesecurity.blogspot.com/2014/01/ffmpeg-and-thousand-fixes.html … -
So, there's a vibrate API, someone came up with a bs* "vuln": http://shkspr.mobi/blog/2014/01/malicious-use-of-the-html5-vibrate-api/ … - just like the Fullscreen API "vuln" from back when.
-
Safari, I thought you know better: …http://xn--luaaaaaaaaaaaaaaaaaaaaaaaaaaaa8465w.ws // http://blog.dinaburg.org/2014/01/stupid-idn-tricks-unicode-combining.html …
-
-
2nd Bitcoin miner after Satoshi shares his story https://medium.com/p/1c9b0c107ed "Today, I am essentially paralyzed ... but my life is not too bad"
-
"AngularJS uses comment nodes to store information." Wait... what? http://bugs.jqueryui.com/ticket/9727
-
@homakov my mistake, sorry -
@homakov sheesh, just use two ## for hard mode. -
@homakov hxxp://www.sakurity.com/issue_token?uri=hxxp://www.sakurity.com/triple?to=hxxp://evil%23 and just location.hash this -
What's wrong with in-browser cryptography? http://tonyarcieri.com/whats-wrong-with-webcrypto … very interesting
-
Metadata for beginners ;)
#30c3#eff pic.twitter.com/ElQsRUa4AR -
Yan
kkotowicz
CoriDrew
Juliano Rizzo
TJ VanToll
Marion Marschalek
Daniel Bilar
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.