JavaScript: How Browsers Give Away the Store

Did you know? Attackers use  your locally installed browser base and JavaScript to draw up intricate exploit roadmaps for targeted attacks on your organization. Listen to our interview with security researcher Michael Schwarz to learn how JavaScript template attacks work and how to prevent them.

“Free” browsers boast features and extensions that supposedly enhance security and privacy online. The same settings or plugins, it turns out, can be used by adversaries to achieve precisely the opposite effect.

That’s just one of the eye-opening findings reported in the research paper JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits.

The paper was authored by security researchers Michael Schwarz, Florian Lackner and Daniel Gruss of Graz University in Austria. They describe how JavaScript template attacks help attackers prepare pinpointed zero-day or side-channel attacks against large organizations, by exploiting the ubiquitous data leaks in “free” browsers and their extensions.

The researchers found an abundance of environment-dependent properties in Firefox, Chrome, Edge, and mobile Tor which allowed them to reveal the underlying operating system, CPU architecture, used privacy-enhancing plugins, and exact browser version. “As a result,” they summarize their findings, “we cannot only ease the creation of fingerprints, but we gain the advantage of having a more precise picture for targeted exploitation.”

For our podcast series The Silo Sessions, Gerd Meissner and Amir Khashayar Mohammadi asked Michael Schwarz, the lead researcher of the paper: How do JavaScript template attacks work, and what do they mean for browser security as a whole?

Listen to the interview here: