Friday, 22 May 2015 00:00

Vulnerability in HTML 5 dumps unnecessary information to hard drive

Rate this item
(0 votes)

b2ap3_thumbnail_iStock_000006985027XSmall.jpgVulnerability in HTML 5 allows to fill user’s hard drive with unnecessary data, at the same time user will not even notice it.
This vulnerability is used, in particular, by FillDisk.com, as informs The Verge. The website was created by web-developer Feross Aboukhadijeh with purpose of drawing attention of Internet browsers' developers to this vulnerability.

The vulnerability is in the HTML Web Storage standard that allows writing to local cache fragments of data 5-10 MB in size. The standard limits the maximum size of domain recording, however this quota can be overridden by using sub domains that are recognized as different data “sources” and therefore fill the user’s hard drive completely.

This vulnerability is practically in all modern browsers: Chrome, Internet Explorer, Safari и Opera. According to internet forums Firefox is protected against it.

Last modified on Friday, 22 May 2015 12:32
Data Recovery Expert

Viktor S., Ph.D. (Electrical/Computer Engineering), was hired by DataRecoup, the international data recovery corporation, in 2012. Promoted to Engineering Senior Manager in 2010 and then to his current position, as C.I.O. of DataRecoup, in 2014. Responsible for the management of critical, high-priority RAID data recovery cases and the application of his expert, comprehensive knowledge in database data retrieval. He is also responsible for planning and implementing SEO/SEM and other internet-based marketing strategies. Currently, Viktor S., Ph.D., is focusing on the further development and expansion of DataRecoup’s major internet marketing campaign for their already successful proprietary software application “Data Recovery for Windows” (an application which he developed).

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.