Again - SSL flaws, bad server, etc... Maybe a buggy browser. Can you imagine a bug allowing JS injection in any tab? Post a bit.ly link and wait for keys... Bugs like that have existed before.
2012-04-01 02:54 skrev James A. Donald: On 2012-04-01 7:51 AM, natanae...@gmail.com wrote: > It's running in a browser using JS... To attack JS, the attacker needs to induce the victim to open the attackers web page at the same time as the attacked web page, and successfully apply a cross site scripting attack. The simplicity of the crypto.cat web page is apt to make cross site scripting attacks difficult. _______________________________________________ cryptography mailing list natanae...@gmail.com http://lists.randombit.net/mailman/listinfo/cryptography
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
