Do any of these exploits require any sort of brute-force or CPU-intensive stuff which would be far easier with the massive improvements in JS performance? I wondered if new vulnerabilities might be a side-effect of the JS 'arms race' between Chrome, IE and FF.
Re: JS speed
CRIME is a side-effect. It's a side-channel attack that tries to determine the cookie by sniffing for encryption optimizations in the SSL/TLS channel. Compressing the channel to optimize transmission was part of the optimization rush, but it resulted in the side channel.
GROUJSN? Worst initialism ever.
Qualys laughs at your BEAST
Even if your banking website is vulnerable, you still get an 'A'...
- SMASH the Bash bug! Apple and Red Hat scramble for patch batches
- BENDY iPhone 6, you say? Pah, warp claims are bent out of shape: Consumer Reports
- eXpat Files 'Could we please not have naked developers running around the office BEFORE 10pm?'
- Vulture at the Wheel Renault Twingo: Small, sporty(ish), safe ... and it's a BACK-ENDER
- NASA rover Curiosity drills HOLE in MARS 'GOLF COURSE'