View Full Version : New JavaScript-Based Timing Attack Steals All Browser Source Data

August 4th, 2013, 17:18
Security researchers have been warning about the weaknesses and issues with JavaScript and iframes for years now, but the problem goes far deeper than even many of them thought. A researcher in the U.K. has developed a new technique that uses a combination of JavaScript-based timing attacks and other tactics (https://threatpost.com/javascript-and-timing-attacks-used-to-steal-browser-data/101559) to read any information he wants from a targeted user's browser and sites the victim is logged into. The attack works on all of the major browsers and researchers say there's no simple fix to prevent it."