Pixel-Perfect Timing Attacks with HTML5

Presented at Black Hat USA 2013, July 31, 2013, 5 p.m. (30 minutes)

Maybe you've heard it before - HTML 5 and related technologies bring a whole slew of new features to web browsers, some of which can be a threat to security and privacy. But subtle interactions between the less explored corners of new browser features can have some unexpected and dangerous side effects.

In this presentation, I'll introduce a number of new techniques that use JavaScript-based timing attacks to extract sensitive data from your browser. In my talk I will demonstrate cross-browser vulnerabilities against Chrome, Internet Explorer and Firefox that can be used to access your browsing history and read data from websites you're logged into. I'll also take a look at the difficulties involved in fixing these types of vulnerabilities.

Presenters:

• Paul Stone - Context Information Security
  Paul is a senior consultant for Context Information Security in the UK where he performs security research, penetration testing and tool development. He has a focus on web application and browser security and has reported a number of vulnerabilities in the major web browsers including Chrome, Internet Explorer, Firefox and Safari. He has previously spoken at Blackhat Europe, presenting the well-received 'Next Generation Clickjacking' talk. Last year, Paul published research on his cross-browser Framesniffing technique.

Links:

• https://www.blackhat.com/us-13/archives.html#Stone
• https://www.youtube.com/watch?v=KcOQfYlyIqw
• https://media.blackhat.com/us-13/US-13-Stone-Pixel-Perfect-Timing-Attacks-with-HTML5-WP.pdf

Similar Presentations:

• DEF CON 15 (2007) / It's All About the Timing
• ToorCon San Diego 16 (2014) / Time Trial: Racing Towards Practical Timing Attacks
• Black Hat USA 2014 / Time Trial: Racing Towards Practical Timing Attacks