[liberationtech] Burn Note

Jacob Appelbaum jacob at appelbaum.net
Wed Feb 1 01:10:31 PST 2012


On 01/31/2012 07:40 PM, Steve Weis wrote:
> I would not use Burn Note.
> 
> I just tried it out and found they are vulnerable to cross-site scripting
> attacks. If you were logged into a Burn Note account, I could hijack it by
> getting you to click one of their links. That would let me see all the
> outstanding notes your account created which haven't been read yet.
> 
> I also found that I was able to post junk data to their application
> endpoints to create broken notes. That means the input is not being
> sanitized, which makes it more likely to be exploitable. This is a common
> cause of vulnerabilities like SQL injection.
> 
> Finally, based on their technical writeup, I don't trust their ability to
> use encryption properly.
> 

Nicely done. If you've already disclosed, please do share the exploits
here after they've patched?

All the best,
Jacob
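Added example, not code from Burn Note or from anyone in this thread: the two findings above (a link-triggered cross-site scripting hole and an endpoint that accepts junk data) correspond to two defensive controls, output encoding of untrusted text before it lands in HTML, and schema validation of request payloads before they are stored. The field names, limits and sample inputs below are hypothetical, constructed only to show the checks working.

```javascript
// Added example (hypothetical, not Burn Note's code). Two defensive checks
// for the problem classes named in the thread: reflected XSS and
// unvalidated input at an application endpoint.

// 1. Output encoding. Untrusted text must never reach the page as markup.
//    Escaping the five HTML-significant characters neutralises injected
//    tags and attributes in element content and quoted attribute values.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Render a "note created" confirmation. The recipient name is taken from
// the request (attacker-controlled via a crafted link), so it is escaped
// before being placed into the HTML.
function renderConfirmation(recipientFromRequest) {
  return `<p>Your note to ${escapeHtml(recipientFromRequest)} has been created.</p>`;
}

// 2. Input validation. Reject malformed payloads at the endpoint instead of
//    storing whatever arrives. This schema is a hypothetical one for a
//    note-creation endpoint: it allow-lists fields and bounds their size.
const MAX_NOTE_BYTES = 4096;
const MAX_TTL_SECONDS = 86400;
const ALLOWED_FIELDS = new Set(["body", "ttlSeconds"]);

function validateNotePayload(payload) {
  const errors = [];
  if (payload === null || typeof payload !== "object" || Array.isArray(payload)) {
    return { ok: false, errors: ["payload must be a JSON object"] };
  }
  for (const key of Object.keys(payload)) {
    if (!ALLOWED_FIELDS.has(key)) errors.push(`unexpected field: ${key}`);
  }
  if (typeof payload.body !== "string") {
    errors.push("body must be a string");
  } else if (new TextEncoder().encode(payload.body).length > MAX_NOTE_BYTES) {
    errors.push(`body exceeds ${MAX_NOTE_BYTES} bytes`);
  }
  if (payload.ttlSeconds !== undefined) {
    const ttl = payload.ttlSeconds;
    if (!Number.isInteger(ttl) || ttl < 1 || ttl > MAX_TTL_SECONDS) {
      errors.push(`ttlSeconds must be an integer between 1 and ${MAX_TTL_SECONDS}`);
    }
  }
  return { ok: errors.length === 0, errors };
}

// Constructed sample inputs exercising both checks.
function demo() {
  const page = renderConfirmation("<script>alert(1)</script>");
  const good = validateNotePayload({ body: "meet at noon", ttlSeconds: 600 });
  const junk = validateNotePayload({ body: 42, extra: true, ttlSeconds: "soon" });
  return { page, good, junk };
}

console.log(JSON.stringify(demo(), null, 2));
```

The point of the second function is the one Steve makes: an endpoint that stores arbitrary shapes has no chance of reasoning about what it later passes to a database or a template, whereas a strict allow-list fails closed on anything unexpected and gives you a single place to log rejected requests.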
