Joachim Breitner's Homepage
Just a quick follow up on my Cross-Site-Authentication Attack: My article for the German Linux Magazin which was translated for its English counterpart Linux Magazine is now available online. Before you ask: I did not chose the image there. I'm still waiting for the German version to be opened up, too, but that will probably not happen before October.
At the GPN 5 last weekend (a conference compareable to the Chaos Communication Congress, only smaller) I have held a lightning talk on the XSA Attack. In preparation for that, I actually tried it on the internal wiki of the Entropia e.V., and despite the relatively high technical knowledge of its visitors, some fell for the trap. As that was the only preparation of the talk, I wonder how it was perceived. Comments and tipps with regard to the form are welcome.
By the way: The German wikipedia page on XSA tells us that newer firefox browsers won't allow such an attack to work, which is good.