2 Matching Annotations
  1. Feb 2021
  2. stackoverflow.com stackoverflow.com
    Why are iframes considered dangerous and a security risk?
    1
    1. TylerRick 03 Feb 2021
      If you teach your users to trust that URL bar is supposed to not change when they click links (e.g. your site uses a big iframe with all the actual content), then the users will not notice anything in the future either in case of actual security vulnerability.
      detecting security exploits just because you don’t see/notice it, doesn’t mean it’s not happening easy to miss / not notice (attention) unintended consequence
    Visit annotations in context

    Tags

    Annotators

    URL

    stackoverflow.com/questions/7289139/why-are-iframes-considered-dangerous-and-a-security-risk
  3. medium.com medium.com
    I’m harvesting credit card numbers and passwords from your site. Here’s how.
    1
    1. TylerRick 03 Feb 2021
      The point is, just because you don’t see it, doesn’t mean it’s not happening. It’s been more than two years and as far as I know, no one has ever noticed one of my requests. Maybe it’s been in your site this whole time
      security exploits: avoiding detection just because you don’t see/notice it, doesn’t mean it’s not happening
    Visit annotations in context

    Tags

    Annotators

    URL

    medium.com/hackernoon/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5