2010- 2009
- 2008
- 2007
- 2006
2005
Shell Acoustics- Context Menus
- Security Lecture
- Unfortunate Typo
- Logging Out
- Switch
- Through the Looking Glass
- Scotland Video
- Comma Separated Values
- OU-M880 (Soft Eng)
- Cycling Britain
- Hidden Costs
- Hiring
- Golden
- Style vs Substance
- Bess
- Ajax Content
- DHTML Client
- Over There
- Content Hijacking
- Raw Statistics
- Trying to Fail
- SETI@home 2500
- Security Separation
- Gamma Ray Bursts
- Fishy Behaviour
- Moo Browser
- Caption this Photo
- All Good Things
- Dalek
- Moo Direction
- Open University
- OU-M865 (Projects)
- OU-M876 (Data)
- OU-M886 (Security)
- OU-M878 (Objects)
- OU-M874 (Java)
- OU-M873 (UI)
- Einstein's Riddle
- Glowing Books
- Hogmanay
- 2004
- 2003
- 2002
Security Lecture
9 December 2005
I just had the pleasure of giving a lecture on Internet security at a local high school. Over the years I've learned enough things the hard way that I figured I had a few tips to offer. The class was most impressive, they discovered the content hijacking exploit within 90 seconds of being told to hunt for "something unexpected" in a search form. It was wonderful to be in a room full of people eager to explore. The impromptu penetration testing of their websites was also quite enjoyable (ooh, I can execute arbitrary SQL statements).
While preparing for the lecture I discovered that the earlier content hijacking exploit is much more serious than I first thought. Imagine an evil website which contains 1x1 iframes at the bottom of the page. These iframes quietly load a hijacked page on vulnerable sites. The JavaScript on this page now has access to read (or write) cookies on the vulnerable site's domain, and post this data back to the cracker. The hijacked page could also recreate the login forms on the vulnerable site, then JavaScript could wait a few seconds in the hopes that the browser will auto-complete the input boxes, before posting the data back to the cracker. Nasty.
