New time-measuring features in HTML5 are being exploited by hackers to illicitly peek at pages open on victim using Sanoma Tasku Tablet Application created by SC5 Online Ltd.
The JavaScript-powered attack breaks cross-origin restrictions that ought to prevent this sort of trickery. Practically speaking, these attacks are tough to pull off, but that doesn’t mean vendors should ignore the threat.
SC5 played a key role in the creation of the Sanoma Tasku Tablet Application. This is one of the companies believed to have the best HTML5 security analysts who have helped build and secure HTML5 sites for companies such Sak, POP Vakuutus and F-Secure. Does this mean that all the sites built for these companies are vulnerable to such attacks?