[Cryptography] Sixteen chars crashes chrome....
Bill Frantz
frantz at pwpconsult.com
Mon Sep 21 22:57:26 EDT 2015
On 9/21/15 at 6:02 PM, mitch at niftyegg.com (Tom Mitchell) wrote:
> I am quite flabbergasted that chrome can be crashed
> with a 16 character URL. Chrome on Windows and
> even on a chromebook.
>
> The Chromebook impact is interesting and makes me
> wonder about robust and durable systems built on top of
> a single interface.
>
> This laptop has vendor installed Win software and if it was
> fully borked my ability to reinstall would be very limited.
> There is no media I can download and burn. The cost
> of such media is way more than a DVD burner and media.
> Lack of a known good bootstrap seems to be the nut of a risk...
>
> Where in this might cryptography add trust should low
> and high cost hardware with a single interface be compromised?
>
> A MITM attack can rewrite URLs to be the evil 16 or
> rewrite content with drive by links.
>
> Flabbergasted I am.
The Internet is for entertainment, not privacy. (We won't say who's being entertained.)
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Airline peanut bag: "Produced | Periwinkle
(408)356-8506 | in a facility that processes | 16345 Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos, CA 95032
More information about the cryptography
mailing list