Tag Archives: hack

Clearfix: A Lesson in Web Development Evolution

A lesson in webdev history by Jason Hoffman: The clearfix, for those unaware, is a CSS hack that solves a persistent bug that occurs when two floated elements are stacked next to each other. When elements are aligned this way, … Continue reading

Elsewhere , , , Leave a comment

Wavethrough – Stealing data from remote sites through (fake) wav files

Jake Archibald discovered a really nice browser bug (which is fixed by now) by which he was able to steal data from remote sites by loading it in as a (fake) wav file. The exploit works as follows: Make a … Continue reading

Elsewhere , , , , , Leave a comment

Side-channel attacking browsers through CSS3 features

Ruslan Habalov and Dario Weißer found a way to read contents from an iframe, using CSS3: Accessing the DOM of an iframe that includes a cross-origin resource is forbidden by default. However, the content of the iframe was displayed in … Continue reading

Elsewhere , , , , 1 Comment

The dots do matter: how to scam a Gmail user

Recently James Fisher received an email from Netflix asking him to update his credit card information. “Odd,” I thought, “but OK, I’ll check.” The email is genuinely from netflix.com, so I clicked the link. It logged me in and took … Continue reading

Elsewhere , , , Leave a comment

Login with root and no password on any mac running macOS High Sierra

This tweet is currently making rounds on Twitter: You can access it via System Preferences>Users & Groups>Click the lock to make changes. Then use "root" with no password. And try it for several times. Result is unbelievable! — Lemi Orhan … Continue reading

Original Content , , , Leave a comment

Stealing your browser history with the W3C Ambient Light Sensor API

A few years ago window.getComputedStyle and the like where adjusted to return the default color of links, instead of the actual color on screen. Security and privacy were the driving factors behind that decision: by styling :visited links with a … Continue reading

Elsewhere , , , , , 2 Comments

Ticket Trick: Hacking companies through their helpdesk

Clever way, unearthed by Inti de Ceukelaire, to getting access to private communications channels (such as Slack) by leveraging the create-by-email feature of issue trackers/the helpdesk of a company. First target of Init was Gitlab’s Slack channel: Anyone with a … Continue reading

Elsewhere , , , Leave a comment

DolphinAttack: Hacking Voice Assistants with Inaudible Voice Commands

About a year ago it came to my attention that voice assistants such as Siri can lead to easily exploitable security issues. As voice assistants are not aware who is talking to them, it doesn’t matter if it’s you or … Continue reading

Elsewhere , , , , Leave a comment

Two Point Perspective Drawing Hack

As a kid I used to make loads of these kind of images. Pencil in one hand, ruler in the other. Turns out I could’ve ditched the ruler: (via)

Elsewhere , , Leave a comment

The flex-grow: 9999; hack

Imagine a flex container (display: flex) with two flex items in a row (flex-direction: row). Item A on the left, and item B on the right. I would like the flex items to be stacked on top of each other … Continue reading

Elsewhere , , , Leave a comment