Overview
Explore the security implications of browser extensions in this IEEE Symposium on Security & Privacy presentation. Delve into how web applications can exploit extension privileges to bypass the Same Origin Policy, access sensitive user data, and perform unauthorized actions. Examine the communication interfaces between extensions and web applications in Chrome, Firefox, and Opera browsers. Discover potential threats to browser security, web application integrity, and user privacy. Learn about identified vulnerabilities, including access to user credentials, browsing history, and file system operations. Understand the importance of proper extension review processes and potential countermeasures to mitigate these risks. Gain insights into the complex relationship between browser extensions and web applications, and the need for enhanced security measures in browser ecosystems.
Syllabus
EmPoWeb: Empowering Web Applications with Browser Extensions
Taught by
IEEE Symposium on Security and Privacy