On Wednesday (12/17), Collin Jackson will be giving a talk at MIT titled, “Extracting Passwords from JavaScript Password Managers“. I can’t go due to scheduling conflicts but it seems worth considering if you are local and interested in my post about PassPack and Clipperz. I didn’t see any obvious papers from Collin’s website about the attacks he is describing but there are some that look worth reading.
-
About me
- Homepage
- Blog
- Publications
- Research
- E-mail me at
. - Follow me on Twitter here.
-
Recent Twitter Activity- Time to dust off my Athena account, you VMware-internal firewall you. 15 March 2010
- Nice. @sipb is running an SSH server on port 443. http://bit.ly/93JzDs 15 March 2010
- Hm. git add of a directory from which you manually rm'd a file doesn't add the file removal to the index. 12 March 2010
- Must not be following the right people to have totally missed that there's a #NoSQL Boston conf going on today. 11 March 2010
- Mapping Command to Control inside my @vmwarefusion Linux VM has done wonders for my sanity. 11 March 2010
One Comment
Collin is working on a security assessment focused on the Bookmarklet component used by some Online Password Managers.
He was very kind in notifying us (Clipperz) about a vulnerability that he found, and that we have already fixed.