> On 17 Feb 2016, at 3:59 AM, David Illsley <[email protected]> wrote: > > I'm interested in the Sandboxing point in section 4. I understand these to be > designed as a pro-user security feature. In general I don't trust random > network devices in hotels so I'll use a VPN. That leaves me open to malware > attacks from the captive portal [1]. Deciding to put captive portals into a > more-restrictive-than-usual sandbox then seems reasonable to me. > > Can you explain the problems caused by sandboxing (I don't think I've ever > experienced them)?
AIUI, some captive portals want access to the users' normal cookies; e.g., to log into Facebook to authenticate the user (yeah, I know...). Also, I understand that some captive portal sandboxes don't allow some browser features like video playback, and some captive portals feel that they need this functionality. Cheers, > David > > [1] http://www.wired.com/2014/11/darkhotel-malware/ -- Mark Nottingham https://www.mnot.net/ _______________________________________________ Captive-portals mailing list [email protected] https://www.ietf.org/mailman/listinfo/captive-portals
