coffee shop MITM
Replying to @__b_c
Coffee shop MITM is precluded by proper implementation of https by browser. Don't need another browser feature to deal with it.
1 reply 0 retweets 5 likes -
Replying to @RichFelker @__b_c
Subdomain takeover is a real risk most developers and even many security reviewers aren't aware of, but if you are aware enough to try to mitigate you should properly scope cookies...
1 reply 0 retweets 3 likes -
Replying to @RichFelker @__b_c
So subdomain takeover looks like the big one, and whether the tradeoffs of token binding are worth it seems to depend on how hard it is to fix poorly scoped cookies.
1 reply 0 retweets 1 like -
Replying to @RichFelker
there are, of course, all kinds of protections available to prevent cookie theft. Token binding is unique in that it can prevent use after theft rather than trying to stop the theft itself. Both have value. Defence in depth etc. Token Binding also ...
1 reply 0 retweets 0 likes -
Replying to @__b_c @RichFelker
... can apply to things like OAuth and SSO tokens, which don't necessarily have the same characteristics as cookies. The browser case is maybe less compelling b/c of other cookie protections. But it's still useful IMHO. And, for better or worse, ...
1 reply 0 retweets 2 likes -
Replying to @__b_c @RichFelker
adoption and deployment at large likely hinges on the browser supporting it
1 reply 0 retweets 0 likes -
Replying to @__b_c @RichFelker
But you dodged Rich's main point, it has to be an attack that can't just be exploited using the same vector you used to get the cookie, right? Subdomain takeover is the first example I've heard that works, but that's pretty niche, you have to admit?
4 replies 0 retweets 2 likes -
Agree on all accounts. That said, subdomain takeover is less niche than you imagine.
1 reply 0 retweets 0 likes
I realized after this tweet that Token Binding doesn't solve subdomain takeover. The only example attack I've heard that does seem sound is accidental passive leak of cookies into logfiles.
Ok then I really wonder if all this spec and work has a real raison d'être... :s
1 reply 0 retweets 2 likes -
there've also been things such as CRIME, BREACH, Heartbleed and the Cloudflare parser leak bug that could expose cookies/tokens without a vector into the client or the key. A bound token/cookie is defense in depth against unforeseen leakage.
1 reply 4 retweets 6 likes - 1 more reply
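The property argued over in this thread (a bound cookie that leaks into a logfile is useless on a connection that cannot prove the original key) as an added sketch, not code from any participant or from the Token Binding specifications. It assumes the TLS layer has already verified the client's proof of possession and hands the application an opaque Token Binding ID; the function names and the cookie format are hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # server-side MAC key, constructed for the demo


def _mac(session_id: str, tb_id: bytes) -> str:
    # The MAC covers the session id and a hash of the Token Binding ID, so the
    # cookie is only valid together with the key it was issued to.
    msg = session_id.encode() + b"|" + hashlib.sha256(tb_id).digest()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_cookie(session_id: str, tb_id: bytes) -> str:
    """Mint a cookie bound to the Token Binding ID proven on this connection."""
    return f"{session_id}.{_mac(session_id, tb_id)}"


def verify_cookie(cookie: str, tb_id: bytes):
    """Return the session id if the cookie matches this connection's key, else None."""
    session_id, sep, tag = cookie.rpartition(".")
    if not sep or not session_id:
        return None  # malformed cookie
    expected = _mac(session_id, tb_id)
    # Constant-time comparison on bytes (also tolerates non-ASCII input).
    if hmac.compare_digest(tag.encode(), expected.encode()):
        return session_id
    return None


def demo() -> dict:
    # Constructed stand-ins for two clients' Token Binding IDs (public keys).
    # Assumption: the TLS layer verified each client's signature beforehand.
    owner_tb_id = secrets.token_bytes(65)
    other_tb_id = secrets.token_bytes(65)
    cookie = issue_cookie(secrets.token_hex(16), owner_tb_id)
    return {
        # Same client key as at issuance: accepted.
        "owner_accepted": verify_cookie(cookie, owner_tb_id) is not None,
        # Cookie value copied elsewhere (e.g. out of a logfile): rejected.
        "replay_accepted": verify_cookie(cookie, other_tb_id) is not None,
    }


if __name__ == "__main__":
    print(demo())
```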