- From: <Frederick.Hirsch@nokia.com>
- Date: Thu, 3 Oct 2013 10:43:04 +0000
- To: <dom@w3.org>
- CC: <Frederick.Hirsch@nokia.com>, <Youenn.Fablet@crf.canon.fr>, <bh526r@att.com>, <richt@opera.com>, <giuseppep@opera.com>, <public-device-apis@w3.org>, <public-web-and-tv@w3.org>
agreed, my point is that if the security flaw in the benign service allows an attack on the sensitive one then the only real solution is not to enable that device in our scenario (or to fix the underlying issue of course) I like the phrasing, should be good for the security considerations section :) regards, Frederick Frederick Hirsch Nokia On Oct 3, 2013, at 2:50 AM, ext Dominique Hazael-Massieux wrote: > Le jeudi 03 octobre 2013 à 01:28 +0000, Frederick.Hirsch@nokia.com a > écrit : >> The fundamental flaw is that one device has two purposes allowing >> flaws from one to affect the other, yet this is also why it is sold >> and valued - the convenience, cost reduction, lower hardware >> footprint, easier management etc are also benefits. > > One simple (but of course not 100% effective) solution would be for such > a dual serviced device to expose CORS headers only on the benign > service, and not on the security-sensitive one. > > (if a bug in the benign service lets attack the sensitive one, of > course, this won't be of much use) > > Dom >
Received on Thursday, 3 October 2013 10:47:34 UTC