Friday, September 12, 2014

Fwd: [cap-talk] A new type of phishing attack

Sent from my iPhone

Begin forwarded message:

From: Sandro Magi <>
Date: September 12, 2014 at 9:33:18 EDT
To: "General discussions concerning capability systems." <>
Subject: [cap-talk] A new type of phishing attack
Reply-To: "General discussions concerning capability systems." <>

Interesting new phishing idea:

Basically exploiting a typical user's workflow where they have multiple tabs open. This highlights the real need for a functional petname system.

As a trivial countermeasure, I wonder if it's really necessary for JavaScript to run on inactive tabs.


cap-talk mailing list