Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Header aches in Firefox, Tor, Brave and Chrome as HTTP opens new security holes - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Header aches in Firefox, Tor, Brave and Chrome as HTTP opens new security holes
Quoting The Register: Alternative Services spec bungled by browser makers

The HTTP Alternative Services header can be abused to conduct network reconnaissance and attacks, to bypass malware protection services, and to foil tracking defenses and privacy assumptions, according to a paper scheduled to be presented at the WOOT '19 security conference on Tuesday.…

The Register

Sign Up for Free or Log In to start participating in the conversation!