HTML5 browser exploit can flood your Hard Drive with junk data
2 posters
Pengirim
Message
AA_User Top Nubie
Jumlah posting : 38 Points : 104 Reputation : 0 Join date : 19.01.13
Subyek: HTML5 browser exploit can flood your Hard Drive with junk data Mon Mar 04, 2013 9:10 pm
Feross Aboukhadijeh, 22-year-old Web developer from Stanford has discovered HTML5 browser exploit can flood your Hard Drive with Cat and Dogs i.e junk data.
Many times a website needs to leave a little data i.e 5-10KB on your computer like a cookie, but HTML5 allow sites to store larger amounts of data (like 5-10 MB). In a proof-of-concept he was able to full up 1 GB of HDD space every 16 seconds.
He created FillDisk.com in order to demonstrate the exploit in HTML5. Once user will visit the website the Web Storage standard allows website to place large amounts of data on your drive. Please note that, It's not a hack and this exploit won't allow attackers to access your computer.
However, Web browsers have the ability to limit just how much space websites can dump onto your hard drive. Firefox's implementation of HTML5 local storage is not vulnerable to this exploit. Whereas Chrome, Safari (iOS and desktop), and IE vulnerable to this.
You can find the source code here. Feross already logged the bug for Chrome and Safari, so the problem there should be fixed soon.
CyberWild Moderator
Jumlah posting : 1665 Points : 2310 Reputation : 104 Join date : 11.06.11 Age : 43 Lokasi : internet cloud
Subyek: Re: HTML5 browser exploit can flood your Hard Drive with junk data Tue Mar 05, 2013 3:07 pm
cool broo
HTML5 browser exploit can flood your Hard Drive with junk data