Airport Security FTW!
17-Jul-07
Enabling a new breed of terrorism… hack the departures board, and redirect all passengers to the wrong flights…
Theres an interesting interview up on The Register today with Wade Alcorn, on his recent paper on infecting web browsers with a basic JavaScript exploit framework. The idea is that this would be capable of launching exploits against targets INSIDE THE FIREWALL of the network on which the web browser is running – i.e. making the infected web browser into some sort of simple Metasploit, with the user of the web browser remaining totally unaware that they had been zombied.
But it doesn’t stop there – Wade also mentions the idea of infecting web spiders with such a framework. I’m aware that the most poular web spiders (Googlebot / Slurp!) do not parse JavaScript, but still, it’s an interesting and somewhat scary idea.