>> >> > However, this won't do away with XSS, or other similar attack vectors if
>> >> > the users are not careful with their browsing habits.
>> >>
>> >> Can you give me an example?
>> >
>> > If your coder has another website page open in his/her browser which
>> > contains for example XSS or CSRF code, then the webpage of your company's
>> > web app could be potentially compromised by your user inadvertently
>> > executing state changing commands on it. By providing a XSS payload the
>> > attacker could execute commands to change username/passwd, change email
>> > address, etc. This is one reason that Internet Banking providers always
>> > advise their users to log out and then exit their browser when they have
>> > finished their online banking.
>
>> The other obvious attack would be simply stealing your session cookies
>> or SSL client certificate+key out of the browser's RAM, or off of
>> disk.
>
> Yes, session hi/sidejacking is possible, as well as obtaining sensitive
> information that the browser has happened to cache. High value information
> like credit card details should have a no-cache, no-store, Expires:0, but I
> bet there are some websites out there which do not guard against this threat.
> I would have thought SSL certificates/keys would be protected in RAM, but if
> you have a Man-In-The-Browser attack I guess they wouldn't be.
>
> If you are using a VPN connection as a split-tunnel then although your
> connection to the LAN would be secure, browser credentials could still be
> stolen by browser sessions connecting to suspect websites outside the tunnel.
> It has to be a full VPN tunnel with forwarding Internet access blocked at the
> VPN gateway, for clients to mitigate this threat.

So the user is safe if I send all internet requests from her remote
laptop through the Zerotier connection (instead of only sending
requests to my server through Zerotier)?

- Grant
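As an added example, not part of this thread: a small Python audit of the server-side response headers the thread refers to, checking a sensitive page for the no-cache, no-store and Expires:0 directives and, going one step beyond the thread, for the session-cookie flags (HttpOnly, Secure, SameSite) that limit what a script on another site or a cached copy can expose. The header values and cookie name are constructed samples.

```python
from http.cookies import SimpleCookie
from typing import Dict, List

# Constructed sample: what a weak app might send for a page showing card details.
WEAK_HEADERS = {
    "Cache-Control": "public, max-age=3600",
    "Set-Cookie": "session=abc123; Path=/",
}

# Constructed sample: the hardened headers for the same page.
HARDENED_HEADERS = {
    "Cache-Control": "no-store, no-cache, must-revalidate",
    "Pragma": "no-cache",
    "Expires": "0",
    "Set-Cookie": "session=abc123; Path=/; Secure; HttpOnly; SameSite=Strict",
}


def audit_headers(headers: Dict[str, str]) -> List[str]:
    """Return a list of findings for one response; an empty list means it passes."""
    findings: List[str] = []
    # Header names are case-insensitive, so normalise before looking them up.
    h = {k.lower(): v for k, v in headers.items()}

    # Caching directives: without these the browser may keep the page on disk.
    cache = {d.strip().lower() for d in h.get("cache-control", "").split(",")}
    if "no-store" not in cache:
        findings.append("Cache-Control lacks no-store: page may be written to disk cache")
    if "no-cache" not in cache:
        findings.append("Cache-Control lacks no-cache: cached copy may be reused unrevalidated")
    if h.get("expires", "").strip() not in ("0", "-1"):
        findings.append("Expires missing or not 0: older caches may keep the page")

    # Session-cookie flags: limit theft by injected script and cross-site reuse.
    raw_cookie = h.get("set-cookie")
    if raw_cookie:
        jar = SimpleCookie()
        jar.load(raw_cookie)
        for name, morsel in jar.items():
            if not morsel["httponly"]:
                findings.append(f"cookie {name} lacks HttpOnly: readable by injected script")
            if not morsel["secure"]:
                findings.append(f"cookie {name} lacks Secure: may be sent over plaintext HTTP")
            if morsel["samesite"].lower() not in ("strict", "lax"):
                findings.append(f"cookie {name} lacks SameSite: sent on cross-site requests")
    return findings


if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(label, audit_headers(hdrs) or ["OK"])
```

Feed it the headers of a real sensitive page (for example from a proxy capture of your own app) to see which of the thread's recommendations it still misses.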