4 min listen
Spook.js - This will bloat Chrome even more | The Backend Engineering Show
Spook.js - This will bloat Chrome even more | The Backend Engineering Show
ratings:
Length:
18 minutes
Released:
Sep 13, 2021
Format:
Podcast episode
Description
Spook.js is a new transient execution side channel attack which targets the Chrome web browser. We show that despite Google's attempts to mitigate Spectre by deploying Strict Site Isolation, information extraction via malicious JavaScript code is still possible in some cases.
Resources
https://www.spookjs.com/
https://www.chromium.org/developers/design-documents/site-isolation
Paper: https://www.spookjs.com/files/spook-js.pdf
Chapters
0:00 Process Isolation in Chrome
8:00 Spook.js subdomain Attack
12:00 Spook.js Extension Attack
13:00 Summary
Become a Member on YouTube
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
? Members Only Content
https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg
Support my work on PayPal
https://bit.ly/33ENps4
?? Courses I Teach
https://husseinnasser.com/courses
Resources
https://www.spookjs.com/
https://www.chromium.org/developers/design-documents/site-isolation
Paper: https://www.spookjs.com/files/spook-js.pdf
Chapters
0:00 Process Isolation in Chrome
8:00 Spook.js subdomain Attack
12:00 Spook.js Extension Attack
13:00 Summary
Become a Member on YouTube
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
? Members Only Content
https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg
Support my work on PayPal
https://bit.ly/33ENps4
?? Courses I Teach
https://husseinnasser.com/courses
Released:
Sep 13, 2021
Format:
Podcast episode
Titles in the series (100)
IGeometry Podcast - Intro by The Backend Engineering Show with Hussein Nasser