The Annoying Site aka "Power of the Web Platform"

Slide 1

Slide 1 text

THE ANNOYING SITE aka "The Power of the Web Platform"

Slide 2

Slide 2 text

Every system has two sets of rules: The rules as they are intended or commonly perceived, and the actual rules ("reality"). — Paul Buchheit

Slide 3

Slide 3 text

TAKING ADVANTAGE OF A GAP BETWEEN ▸ The written rules ▸ The actual rules

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

HOW TO: Spy on the Webcams of Your Website Visitors

Slide 6

Slide 6 text

FLASH SETTINGS MANAGER

Slide 7

Slide 7 text

Fill Disk

Slide 8

Slide 8 text

EVERY DOMAIN CAN STORE 5 MB 1.filldisk.com 2.filldisk.com 3.filldisk.com 4.filldisk.com 5.filldisk.com 6.filldisk.com 7.filldisk.com ... and so on ...

Slide 9

Slide 9 text

Full Screen API Phishing Attack

Slide 10

Slide 10 text

WebTorrent

Slide 11

Slide 11 text

▸ Service Worker ▸ Web Audio ▸ Web Payments ▸ Web Push Notifications ▸ WebAssembly ▸ WebGL ▸ WebRTC ▸ WebVR

Slide 12

Slide 12 text

No content

Slide 13

Slide 13 text

No content

Slide 14

Slide 14 text

No content

Slide 15

Slide 15 text

"The web is ready to bring back ActiveX." — Feross

Slide 16

Slide 16 text

No content

Slide 17

Slide 17 text

▸ Java Web Start / Flash ▸ and ▸ ▸ ▸ ▸ String.prototype.big ▸ String.prototype.quote

Slide 18

Slide 18 text

MOVE A WINDOW AROUND ▸ window.moveTo() ▸ window.moveBy() ▸ window.resizeTo() ▸ window.resizeBy()

Slide 19

Slide 19 text

SAME ORIGIN POLICY

Slide 20

Slide 20 text

No content

Slide 21

Slide 21 text

OPEN A NEW WINDOW ▸ window.open()

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

OPEN A NEW WINDOW const win = window.open('', '', 'width=100,height=100') MOVE IT AROUND win.moveTo(10, 10) win.resizeTo(200, 200)

Slide 24

Slide 24 text

"USER INITIATED" EVENT HANDLER document.addEventListener('click', () => { const win = window.open('', '', 'width=100,height=100') win.moveTo(10, 10) win.resizeTo(200, 200) })

Slide 25

Slide 25 text

NOW, LET'S ADD THE FUN PART let i = 0 setInterval(() => { win.moveTo(i, i) i = (i + 5) % 200 }, 100)

Slide 1

Slide 1 text

Slide 2

Slide 2 text

Slide 3

Slide 3 text

Slide 4

Slide 4 text

Slide 5

Slide 5 text

Slide 6

Slide 6 text

Slide 7

Slide 7 text

Slide 8

Slide 8 text

Slide 9

Slide 9 text

Slide 10

Slide 10 text

Slide 11

Slide 11 text

Slide 12

Slide 12 text

Slide 13

Slide 13 text

Slide 14

Slide 14 text

Slide 15

Slide 15 text

Slide 16

Slide 16 text

Slide 17

Slide 17 text

Slide 18

Slide 18 text

Slide 19

Slide 19 text

Slide 20

Slide 20 text

Slide 21

Slide 21 text

Slide 22

Slide 22 text

Slide 23

Slide 23 text

Slide 24

Slide 24 text

Slide 25

Slide 25 text

Slide 26

Slide 26 text

Slide 27

Slide 27 text

Slide 28

Slide 28 text

Slide 29

Slide 29 text

Slide 30

Slide 30 text

Slide 31

Slide 31 text

Slide 32

Slide 32 text