protecting users by confining javascript with swapi
play

Protecting Users by Confining JavaScript with SWAPI Deian Stefan, - PowerPoint PPT Presentation

Jan 04, 2023 •659 likes •1.65k views

Protecting Users by Confining JavaScript with SWAPI Deian Stefan, Petr Marchenko, Brad Karp, David Mazires, Dave Herman, and John C. Mitchell Modern websites are complex Modern websites are complex Modern websites are complex Page code

  1. Protecting Users by Confining JavaScript with SWAPI Deian Stefan, Petr Marchenko, Brad Karp, David Mazières, Dave Herman, and John C. Mitchell

  2. Modern websites are complex

  3. Modern websites are complex

  4. Modern websites are complex Page code

  5. Modern websites are complex Ad code Page code

  6. Modern websites are complex Ad code Page code Third-party APIs

  7. Modern websites are complex Ad code Page code Third-party libraries Third-party APIs

  8. Modern websites are complex Ad code Extensions Page code Third-party libraries Third-party APIs

  9. Modern websites handle sensitive information • Financial data ➤ Online banking, tax filing, shopping, budgeting, … • Health data ➤ Genomics, prescriptions, … • Personal data ➤ Email, messaging, affiliations, …

  10. Many parties are interested in the sensitive data • Financial data ➤ Black-hat hackers, … • Health data ➤ Insurance companies, … • Personal data ➤ Ad companies, big governments, …

  11. Many parties are interested in the sensitive data • Financial data ➤ Black-hat hackers, … • Health data ➤ Insurance companies, … • Personal data ➤ Ad companies, big governments, …

  12. Many parties are interested in the sensitive data • Financial data ➤ Black-hat hackers, … • Health data ➤ Insurance companies, … • Personal data ➤ Ad companies, big governments, …

  13. Many parties are interested in the sensitive data • Financial data ➤ Black-hat hackers, … • Health data ➤ Insurance companies, … • Personal data ➤ Ad companies, big governments, …

  14. How do we protect sensitive data? Non requirements � … information exchange is still more important than secrecy. Tim Berners-Lee, 1989

  15. How do we protect sensitive data? Non requirements � … information exchange is still more important than secrecy. Tim Berners-Lee, 1989 still somewhat true…

  16. How do we protect sensitive data? Non requirements � … information exchange is still more important than secrecy. Tim Berners-Lee, 1989 still somewhat true… but this was before the Web became the platform…

  17. 
 
 What is the state of the art in web security? • Same Origin Policy • Content Security Policy • Sandboxing 


  18. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 a.com b.com c.com

  19. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 a.com b.com c.com

  20. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 a.com b.com c.com

  21. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 postMessage a.com b.com c.com

  22. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 postMessage ✓ a.com b.com c.com

  23. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 postMessage ✓ a.com b.com c.com JSON

  24. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 postMessage ✓ JSON a.com b.com c.com

  25. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 postMessage ✓ JSON a.com b.com c.com

  26. 
 
 
 
 
 Same Origin Policy Idea: isolate content from different origins ➤ E.g., can’t access document of cross-origin page ➤ E.g., can’t inspect responses from cross-origin 
 postMessage ✓ JSON a.com b.com c.com

  27. Same Origin Policy Limitations: ➤ Some DOM objects leak data E.g., image size can leak if user is logged in - ➤ Data exfiltration is trivial E.g., any XHR request can contain data form page - ➤ Cross-origin scripts run with privilege of page ➠ Injected scripts can corrupt and leak user data!

  28. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 a.com c.com

  29. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 a.com b.com c.com

  30. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com

  31. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com JSON

  32. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com JSON

  33. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com JSON

  34. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com JSON

  35. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com JSON

  36. 
 
 
 
 
 Content Security Policy Goal: prevent and limit damage of XSS attacks 
 Idea: restrict resource loading to a white-list ➤ E.g., default-src ‘self’ http://b.com; img-src * 
 ✓ a.com b.com c.com JSON

  37. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 a.com a.com

  38. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 a.com a.com

  39. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin unq0 ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 a.com a.com

  40. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin unq0 ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 a.com a.com

  41. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin ✓ unq0 ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 a.com a.com

  42. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin ✓ unq0 ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 a.com a.com

  43. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin ✓ unq0 ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 unq1 a.com a.com

  44. Sandboxing Idea: restrict actions page can perform ➤ E.g., directive sandbox allow-scripts 
 ensures iframe has 
 unique origin ✓ unq0 ➤ E.g., directive sandbox 
 a.com a.com ensures iframe has 
 unique origin and cannot 
 execute JavaScript 
 unq1 a.com a.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Protecting Users by Confining JavaScript with COWL Deian Stefan, Edward Z. Yang, Petr Marchenko,

Protecting Users by Confining JavaScript with COWL Deian Stefan, Edward Z. Yang, Petr Marchenko,

Protecting Users by Confining JavaScript with COWL Deian Stefan, Edward Z. Yang, Petr Marchenko, Alejandro Russo, Dave Herman, Brad Karp, David Mazires The Web No longer just a way of publishing static content The Web Now app

989 views • 55 slides
JavaScript! What is JavaScript? A (traditionally) client-side scripting language Meant

JavaScript! What is JavaScript? A (traditionally) client-side scripting language Meant

JavaScript! What is JavaScript? A (traditionally) client-side scripting language Meant (traditionally) to run entirely on the users browser Defined by the ECMAscript standard, published by the ECMA foundation JavaScript != Java,

657 views • 32 slides
Universal properties of the confining string in gauge theories F . Gliozzi DFT & INFN,

Universal properties of the confining string in gauge theories F . Gliozzi DFT & INFN,

Universal properties of the confining string in gauge theories F . Gliozzi DFT & INFN, Torino U. GGI, 6/5/08 F. Gliozzi ( DFT & INFN, Torino U. ) Confining strings GGI, 6/5/08 1 / 40 Plan of the talk The origins 1 The free

724 views • 40 slides
and Protecting Assets Information Technology Manager - Redstone Arsenal 15,000 users

and Protecting Assets Information Technology Manager - Redstone Arsenal 15,000 users

Cyber Theft and Protecting Assets Information Technology Manager - Redstone Arsenal 15,000 users Technology and Digital Forensics Counter Drug Agency (Army) Canfield Computer Solutions since 1995 Network and workstation

339 views • 4 slides
JavaScript Primer Basic Introduction of JavaScript JavaScript History Why (re)introduce

JavaScript Primer Basic Introduction of JavaScript JavaScript History Why (re)introduce

JavaScript Primer Basic Introduction of JavaScript JavaScript History Why (re)introduce JavaScript? Notorious for being worlds most misunderstood programming language o (Douglas Crockford -

432 views • 11 slides
Introduction to JavaScript Niels Olof Bouvin 1 Overview A brief history of JavaScript and

Introduction to JavaScript Niels Olof Bouvin 1 Overview A brief history of JavaScript and

Introduction to JavaScript Niels Olof Bouvin 1 Overview A brief history of JavaScript and ECMAScript JavaScript for Java developers The JavaScript ecosystem Getting access to JavaScript Some language basics A look at the Node.js standard

1.1k views • 57 slides
Introduction to JavaScript Niels Olof Bouvin 2 Overview A brief history of JavaScript and

Introduction to JavaScript Niels Olof Bouvin 2 Overview A brief history of JavaScript and

Introduction to JavaScript Niels Olof Bouvin 2 Overview A brief history of JavaScript and ECMAScript JavaScript for Java developers The JavaScript ecosystem Getting access to JavaScript Some language basics A look at the Node.js standard

1.03k views • 54 slides
CE419 Session 5: JavaScript Web Programming 1 What is JavaScript? JavaScript is a dynamic

CE419 Session 5: JavaScript Web Programming 1 What is JavaScript? JavaScript is a dynamic

CE419 Session 5: JavaScript Web Programming 1 What is JavaScript? JavaScript is a dynamic programming language. Introduced in 1995 as a way to add programs to web pages in the Netscape Navigator browser. It has made modern web

795 views • 35 slides
Protecting Privacy by Spying on Users Andrew Patrick & Information Security Group (Larry

Protecting Privacy by Spying on Users Andrew Patrick & Information Security Group (Larry

Protecting Privacy by Spying on Users Andrew Patrick & Information Security Group (Larry Korba, Ronggong Song, George Yee, Scott Buffett, Yunli Wang, Liqiang Geng, Steve Marsh, Hongyu Liu) 1 data breaches caused by laptop theft, hacks 2

512 views • 26 slides
JavaScript: The Good Parts vs. JavaScript: The Definitive Guide CS 252: Advanced Programming

JavaScript: The Good Parts vs. JavaScript: The Definitive Guide CS 252: Advanced Programming

JavaScript: The Good Parts vs. JavaScript: The Definitive Guide CS 252: Advanced Programming Language Principles Introduction to JavaScript Prof. Tom Austin San Jos State University History of JavaScript In 1995, Netscape hired Brendan

395 views • 16 slides
Advanced JavaScript dates JavaScript timing events JavaScript Lars Larsson cookies Graceful

Advanced JavaScript dates JavaScript timing events JavaScript Lars Larsson cookies Graceful

Advanced JavaScript Lars Larsson Today JavaScript strings JavaScript Advanced JavaScript dates JavaScript timing events JavaScript Lars Larsson cookies Graceful degradation AJAX Summary Lecture #11 Advanced JavaScript 1

831 views • 38 slides
future shock treatment ctrl+s SVN HTML CSS JavaScript elements attributes class names IDs

future shock treatment ctrl+s SVN HTML CSS JavaScript elements attributes class names IDs

future shock treatment ctrl+s SVN HTML CSS JavaScript elements attributes class names IDs HTML body id="users" /users/ body id="users" class="view" /users/username body id="users"

789 views • 56 slides
JavaScript Concepts JavaScript is pretty hard to escape if you want to do anything for the web C

JavaScript Concepts JavaScript is pretty hard to escape if you want to do anything for the web C

JavaScript Concepts JavaScript is pretty hard to escape if you want to do anything for the web C of the Internet Take JavaScript for instance. It's widely criticized in the POPL community for getting many things wrong. But it must have

655 views • 44 slides
Game Development In JavaScript First Impressions Javascript Designed for web application

Game Development In JavaScript First Impressions Javascript Designed for web application

Game Development In JavaScript First Impressions Javascript Designed for web application Had a rough childhood Very misunderstood Performance difference across browsers Benchmark Pros/Cons JavaScript: WebGL & Canvas

939 views • 18 slides
J AVA S CRIPT JavaScript is the programming language of HTML and the Web. JavaScript

J AVA S CRIPT JavaScript is the programming language of HTML and the Web. JavaScript

J AVA S CRIPT JavaScript is the programming language of HTML and the Web. JavaScript Java JavaScript is interpreted by the browser JavaScript 1/15 JS W HERE T O <!DOCTYPE html> <html> <head> <script

591 views • 15 slides
TESTING JAVASCRIPT BUILDING JAVASCRIPT APPLICATIONS YOU WON'T HATE 1/45 Testing Javascript

TESTING JAVASCRIPT BUILDING JAVASCRIPT APPLICATIONS YOU WON'T HATE 1/45 Testing Javascript

TESTING JAVASCRIPT BUILDING JAVASCRIPT APPLICATIONS YOU WON'T HATE 1/45 Testing Javascript Called Testing JS but really about embracing the front end Classic JS meme about "this" This tweet could have ended half way through and

844 views • 45 slides
Vector-Boson + Multi-Jet Production with BlackHat David A. Kosower Institut de Physique

Vector-Boson + Multi-Jet Production with BlackHat David A. Kosower Institut de Physique

Vector-Boson + Multi-Jet Production with BlackHat David A. Kosower Institut de Physique Thorique, CEASaclay on behalf of the BlackHat Collaboration Carola Berger, Z. Bern, L. Dixon, Fernando Febres Cordero, Darren Forde, Harald Ita, DAK,

310 views • 29 slides
Six Thinking Hats Decision Making: . . . Metalevel Heuristic Methodology: Acknowledgments

Six Thinking Hats Decision Making: . . . Metalevel Heuristic Methodology: Acknowledgments

Overview Natural First Steps in . . . Decision Making: . . . Six Thinking Hats Decision Making: . . . Metalevel Heuristic Methodology: Acknowledgments Towards a Reference Home Page Fuzzy-Logic-Based Title Page Explanation

121 views • 8 slides
Standardization for the black hat Daniel J. Bernstein University of Illinois at Chicago &

Standardization for the black hat Daniel J. Bernstein University of Illinois at Chicago &

1 Standardization for the black hat Daniel J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven 1 bada55.cr.yp.to BADA55 Crypto including How to manipulate curve standards: a white paper for the

879 views • 45 slides
Mastering the Nmap Scripting Engine by Fyodor and David Fifield

Mastering the Nmap Scripting Engine by Fyodor and David Fifield

Insecure.Org Insecure.Org Mastering the Nmap Scripting Engine by Fyodor and David Fifield http://insecure.org/presentations/BHDC10/ Black Hat Briefings Las Vegas Defcon 18 July 28; 4:45 PM; Augustus 5+6 July 30; 5:00 PM; Track One

622 views • 34 slides
Finding Third - party Risks Fourteenforty Research Institute, Inc.

Finding Third - party Risks Fourteenforty Research Institute, Inc.

Fourteenforty Research Institute, Inc. Kyoto, 2012 FIRST Technical Colloquium Sma martphone tphone Securi ecurity ty and Finding Third - party Risks Fourteenforty Research Institute, Inc. http://www.fourteenforty.jp Tsukasa Oi

644 views • 36 slides
Ethics in the age of Informatics, Big Data and AI Professor dr. May Thorseth, Dept. of Philosophy

Ethics in the age of Informatics, Big Data and AI Professor dr. May Thorseth, Dept. of Philosophy

Ethics in the age of Informatics, Big Data and AI Professor dr. May Thorseth, Dept. of Philosophy and Religious Studies, NTNU Director of Programme for Applied Ethics, NTNU Email: may.thorseth@ntnu.no Informatics Europe 2018 Chalmers 9

581 views • 28 slides
Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f

Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f

b a L y t i r u c e S r Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f Hristo Bojinov Elie Bursztein Dan Boneh n a Stanford Computer Security Lab t S Thursday, July 30, 2009

1.86k views • 160 slides
1 Logic for Reasoning about Truth: Outline Where Should We Start? Prereqs, Learning Goals,

1 Logic for Reasoning about Truth: Outline Where Should We Start? Prereqs, Learning Goals,

snick Introductions, again snack Steven Wolfman <wolf@cs.ubc.ca> CPSC 121: Models of Computation ICICS 239; office hours listed on the website 2016W2 I also have an open door policy: If my door is open, come in and talk!

623 views • 5 slides

More recommend