HTML5 flaw allows data dump to PCs, Macs; most major browsers vulnerable

“Gigabytes of junk data could be dumped onto PCs via a loophole in web code, a developer has found,” BBC News reports.

“The loophole exploits a feature of HTML 5 which defines how websites are made and what they can do,” The Beeb reports. “Developer Feross Aboukhadijeh found the bug and set up a demo page that fills visitors’ hard drives with pictures of cartoon cats.”

The Beeb reports, “In one demo, Mr Aboukhadijeh managed to dump one gigabyte of data every 16 seconds onto a vulnerable Macbook. Most major browsers, Chrome, Internet Explorer, Opera and Safari, were found to be vulnerable to the bug, said Mr Aboukhadijeh… Only Mozilla’s Firefox capped storage at 5MB and was not vulnerable, he found… In a bid to solve the problem, bug reports about the exploit have been filed with major browser makers.”

Read more in the full article here.

[Thanks to MacDailyNews Reader “Margaret G.” and “Peter S.” for the heads up.]

36 Comments

    1. This has NOTHING to do with Flash. CSS3 and JavaScript combined with the HTML5 API are replacing Flash.

      The HTML5 Data Storage API is not being properly implemented by browsers. Essentially, each site is allowed 5MB of local storage. I haven’t checked out the loophole, but I’m willing to guess that there is a way to make the browser think that limit hasn’t been reached or to spoof what site the data is coming from, allowing multiple instances of 5MB files.

  1. How quickly is each browser maker going to patch this?

    I think this is a good test for the major browser makers – a chance to show users who is really trustworthy and on top of things in the HTML5 world.

    My prediction is:
    Apple, Google, & Opera will all have patches in 1-2 weeks, and have most users using the new patched browser within 2-4 weeks.
    Microsoft will take 3-6 weeks to release a patch, and get a majority of users on the patched browser in 10 months.

    Mozilla has the lead now – they had the foresight to prevent this vulnerability from stealing more than 5MB of space in Firefox. There’s no urgent need for them to patch it.

  2. Don’t believe the author of this article. OS X doesn’t have problems like this. It is ONLY Windows that gets this stuff. This author wants nothing but hits. OS X is safe from anything like this. It would ask for a user name and password before it would load. Nothing gets by the authentication process. No worries, go on to the next article that has truth to it.

    1. Actually, no password authorization is required.

      All a user has to do is go to the wrong website in the wrong browser, and the hard drive immediately begins to fill up about as fast as the Internet connection will allow. The exploit demonstration page makes this abundantly clear.

    1. There are a few free and shareware apps that dump ALL of Safari’s cache for you. I regularly use a custom task I set up in MainMenu Pro that dumps it as well as dumps the DNS cache and frees up unused RAM. With Safari’s current penchant for devouring RAM, it comes in handy all day long.

      (I’m currently testing Safari v6.0.3 beta, which so far appears to have a better handle on memory management. I like that).

  3. I mean, look, I know the data isn’t always altruistic, but it needs a place. Be a good Samaritan. But after three days (like fish) visitors start to smell.

  4. So, what does the “database storage” option under the Advanced tab in Safari prefs address, if not this?

    Firefox is capped at 5MB, but with this pref I can set Safari to allow anything from 1MB to 500MB before I am asked.

    What else would that be about except the “junk data” the article is talking about? Apple has been pushing HTML5 for a while, longer than others, so I would have thought they would be more familiar with potential issues.

    Also, I find it hard to believe someone can receive a GIG of data every 16 seconds over the internet without noticing it. Seems to me everything else would crawl to a stop.

  5. Just checked my Safari prefs and in Advanced there is a setting for Database storage which is set to 5 MB before asking. So I guess Safari is just as immune as Firefox. Surprised this guy didn’t find that bit, only took me 2 clicks.
