[Cryptography] Sixteen chars crashes chrome....

Tom Mitchell mitch at niftyegg.com
Mon Sep 21 21:02:39 EDT 2015

 I am quite flabbergasted that chrome can be crashed
with a 16 character URL.   Chrome on Windows and
even on a chromebook.

The Chromebook impact is interesting and makes me
wonder about robust and durable systems built on top of
a single interface.

This laptop has vendor installed Win software and if it was
fully borked my ability to reinstall would be very limited.
There is no media I can download and burn.  The cost
of such media is way more than a DVD burner and media.
Lack of a known good bootstrap seems to be the nut of a risk...

Where in this might cryptography add trust should low
and high cost hardware with a single interface be compromised?

A MITM attack can rewrite URLs to be the evil 16 or
rewrite content with drive by links.

Flabbergasted I am.

  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150921/5d689aa2/attachment.html>

More information about the cryptography mailing list