*for sites you've already _explicitly_ given permission to use webcam & mic access; design problem: new windows w/o tabs don't show red dothttps://twitter.com/malwarejake/status/869877853126615040 …
-
-
Replying to @kennwhite @thegrugq
I think it's pretty serious. Give someone disguised link to a room you control on a webrtc chat site they use, and you've got their cam, no?
2 replies 0 retweets 2 likes -
Replying to @RichFelker @thegrugq
unless/until Chrome comes up with a UI cue for no-tab windows, that's a risk. Strongly recommend "Always ask" for RTC.
1 reply 0 retweets 0 likes -
Replying to @kennwhite @thegrugq
The problem is persistent contexts. Manually choosing to visit X should get your cookies, permission prefs, etc. for X. Link should not.
1 reply 0 retweets 0 likes -
All links should be porn-mode by default. If someone provides you a link to FB or Twitter you should see it as if not logged in.
1 reply 0 retweets 0 likes -
This would also have the nice side effect of utterly destroying trackers.
2 replies 0 retweets 0 likes
And of course it also completely destroys CSRF.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.