It is surprisingly difficult to find realistic, interesting and creative privacy case studies. It is perhaps even more difficult in the case of major software. There are no proper motivations for making this kind of work public (employees often paid to do some kind of work in-house; their compensation typically…
Read more
Unsecured ways of web browsing are fading away at accelerating pace. Technically this is done thanks to the increased deployment of HTTPS on the of web. Data indicates that above 70% of websites are now accessed via this secured protocol, those numbers quickly increasing. This is an important milestone in…
Read more
In this post we describe and demonstrate a neat trick to exfiltrate sensitive information from your browser using a surprising tool: your smartphone or laptop’s ambient light sensor.
In short:
1. We provide background about the light sensor API and current discussions to expose it more broadly to websites.…
Read more
It's 2016 and we are experiencing something unprecedented in the history of the Web.
Apparently, Web browsers (Firefox, Safari?) are removing parts of their functionality citing privacy concerns. This is a fascinating development.
Introduction
I am analysing security and privacy of modern Web for more than 8 years now. The…
Read more