W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Moving forward on improving HTTP's security

From: Willy Tarreau <w@1wt.eu>
Date: Thu, 14 Nov 2013 21:21:59 +0100
To: Bruce Perens <bruce@perens.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20131114202159.GI7262@1wt.eu>
[ trimming the CC list a little bit ]

On Thu, Nov 14, 2013 at 11:57:45AM -0800, Bruce Perens wrote:
> 
> 
> Zhong Yu <zhong.j.yu@gmail.com> wrote:
> >It'll be too fun to contemplate attack factors from close family members.
> 
> They aren't the risk, it's all the apps on their iOS and windows systems,
> which my family members install but have no concept of what they can do.
> Those devices have cameras, microphones, GPS.

Yes I explain that all the time to coworkers. I have a neighbour whose
Galaxy Tab something regularly tries to retrieve payload from malware
sites via my WiFi access and it provides open ports with HTTP servers
running on them! Most likely I can capture videos and sounds but I don't
know how. It would help me identify the victim at least, because due
to the beauty of WiFi you don't even know where the attacker is :-)

Willy
Received on Thursday, 14 November 2013 20:22:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC