Which of the demos? Are you logged in to Twitter/Facebook in all those browsers, as the demo requires? +@tomvangoethem
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
More about timing attacks on the web: https://tom.vg/2016/08/browser-based-timing-attacks/ … Scary demo by
@tomvangoethem: https://labs.tom.vg/browser-based-timing-attacks/ …pic.twitter.com/5wWLXbh98H
-
Results in
@Brave: ... Hillary median: NaN, Donald median: NaN ... Found favorite candidate to be Donald NaN bug! - 2 more replies
New conversation -
-
-
@ledahulevogyre Good question. People like
@angealbertini make it a tough one to answer. +@tomvangoethem -
@mathias @ledahulevogyre@angealbertini That's in fact what Firefox does, but that only stops one of the attacks, so not a complete fix - 1 more reply
New conversation -
-
-
This Tweet is unavailable.
-
AFAICT `SameSite=strict` or even `SameSite=lax` would prevent this, yeah. As for your other question, I refer to
@tomvangoethem ;) - 1 more reply
-
-
-
@mathias interesting ideas. is the facebook timing attack demo available somewhere? -
@gondo I don’t think it’s publicly available, but let’s ask@tomvangoethem himself. - 2 more replies
New conversation -
-
-
@mathias This is awesome.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.
I spoke at