I used this string from the video: “As a professional you need and work with sensitive information from your clients”. That leads straight to the application.
On topic, good article. Would using a framework like rails or Django have prevented this?
Thanks. They seem to be using the Laravel framework, and it is a PHP application. Laravel automatically sanitizes content in all it’s templates. I believe that on a file upload request page, some data is loaded through JavaScript and fetched after the initial page load. This bypasses Laravel templates and thus it’s automatic sanitization. I assume it never came to mind to the developers that this could be an issue.
Yes, using a framework could help a lot. But you should never assume it makes everything safe.
Why would you use RSA (even 4096-bit) in 2019? There are high-quality libraries out there implementing things like Elliptic Curve crypto. You could even do something awesome like have a long-term key pair sign ephemeral hash-based keypairs (for one-time signatures) and use those, then you have a Post-Quantum security argument.
Sigh. Similar to RC4, RSA won’t die until we demonstrate working attacks. Cmon, google, hurry up with those quantum circuits…
Apart from smaller keys and performance improvements, there aren’t many improvements from RSA. RSA with a large enough key-size is not insecure against classical computers, both are impacted by quantum computers.
Possibly … https://tweakers.net/nieuws/159002/amsterdams-bedrijf-start-dienst-voor-het-veilig-opvragen-van-bestanden.html
Looks like this is it. If you search “safely receive files only you can open” you’ll find the co-founder’s LinkedIn.
I used this string from the video: “As a professional you need and work with sensitive information from your clients”. That leads straight to the application.
Yeah, SafeRequest is clearly the company involved in this.
What they could also do is derive the private key from a user password. This would also secure the user’s file against further XSS problems
They could also adopt a Content Security Policy (CSP), which is a bit hairy to do but a worthwhile exercise for stuff that’s doing JS crypto..
Couldn’t this password be captured as well if JavaScript XSS is possible?
Depending on where the XSS is and where they ask for the password. Sure.
Content Security Policies aren’t that troublesome to implement. An hour on MDN will teach you everything you need to know.
I can see where you’re coming from, but I think this isn’t true for many small and medium organizations.
Adopting CSP is known to be super tricky for existing apps, many still use inline JS and event handlers and that will all need a rewrite.
If it were so simple, more web pages would use it.
If you submit your own story I can’t, two hours later 🤔. Now how do I get my internet points?
On topic, good article. Would using a framework like rails or Django have prevented this?
Thanks. They seem to be using the Laravel framework, and it is a PHP application. Laravel automatically sanitizes content in all it’s templates. I believe that on a file upload request page, some data is loaded through JavaScript and fetched after the initial page load. This bypasses Laravel templates and thus it’s automatic sanitization. I assume it never came to mind to the developers that this could be an issue.
Yes, using a framework could help a lot. But you should never assume it makes everything safe.
Why would you use RSA (even 4096-bit) in 2019? There are high-quality libraries out there implementing things like Elliptic Curve crypto. You could even do something awesome like have a long-term key pair sign ephemeral hash-based keypairs (for one-time signatures) and use those, then you have a Post-Quantum security argument.
Sigh. Similar to RC4, RSA won’t die until we demonstrate working attacks. Cmon, google, hurry up with those quantum circuits…
Apart from smaller keys and performance improvements, there aren’t many improvements from RSA. RSA with a large enough key-size is not insecure against classical computers, both are impacted by quantum computers.
You’re right that Shor’s algorithm also breaks ECC. However, Dan Boneh among others would largely disagree due to a wealth of implementation attacks with respect to still choosing RSA despite the fact that it’s still generally secure.