
Pixel Perfect Timing Attacks Pose Risk for New Generation of Browsers

August 2013 by Marc Jacob

At Black Hat 2013 in Las Vegas yesterday, Paul Stone, a senior
consultant at Context Information Security, presented details of new vulnerabilities
and threats to security and privacy as a result of HTML 5 features in the latest
generation of web browsers. His talk, entitled "Pixel Perfect Timing Attacks with
HTML 5", showed how cross-browser vulnerabilities in Chrome, Internet Explorer and
Firefox can be used to access browsing histories and read data from websites after
visitors have logged in. A detailed white paper has also been published today and is
available online at
http://contextis.co.uk/research/white-papers/pixel-perfect-timing-attacks-html5/

While traditional browser timing attacks involve cache or network timing, it is now
possible to use a number of new techniques that perform timing attacks on graphics
operations involving CSS and SVG to extract sensitive data from your browser,
including your browsing history or text from other browser sessions. In effect,
hackers can use timing information to read pixels from web pages, allowing them to
tell which links have been visited and to read text from other websites.

“While HTML 5 offers developers a range of new features such as improved animation
and graphics support, some of these new capabilities have some unexpected side
effects with privacy and security implications,” says Context’s Paul Stone.

Context alerted browser vendors as soon as it discovered the vulnerabilities and
they are investigating ways in which the timing attacks can be prevented. “Users
concerned about these vulnerabilities can mitigate the risks by regularly clearing
their browsing history or using private browsing windows to separate their browsing
sessions,” adds Stone.

About Context

Context was launched in 1998 and has a client base that includes some of the
world’s most high-profile blue-chip companies, alongside government organisations.
An exceptional level of technical expertise underpins all Context services, while a
detailed and comprehensive approach helps clients to attain a deeper understanding
of security vulnerabilities, threats or incidents. Many of the world’s most
successful organisations turn to Context for technical assurance, incident response
and investigation services. Context is also at the forefront of research and
development in security technology.

As well as publishing white papers and blogs addressing current and emerging
security threats and trends, Context consultants are frequently invited to present
at open and closed industry events around the world. Context delivers a
comprehensive portfolio of advanced technical services and, with offices in the UK,
Germany and Australia, is ideally placed to work with clients worldwide.

