Spook.js - This will bloat Chrome even more | The Backend Engineering Show
The Backend Engineering Show with Hussein Nasser - Un pódcast de Hussein Nasser
Categorías:
Spook.js is a new transient execution side channel attack which targets the Chrome web browser. We show that despite Google's attempts to mitigate Spectre by deploying Strict Site Isolation, information extraction via malicious JavaScript code is still possible in some cases. Resources https://www.spookjs.com/ https://www.chromium.org/developers/design-documents/site-isolation Paper: https://www.spookjs.com/files/spook-js.pdf Chapters 0:00 Process Isolation in Chrome 8:00 Spook.js subdomain Attack 12:00 Spook.js Extension Attack 13:00 Summary Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑🏫 Courses I Teach https://husseinnasser.com/courses