Hacker News new | past | comments | ask | show | jobs | submit login

Every example in this paper stems from the issue that these password managers do not respect same origin policy. Sounds like something that's easy to fix for the developers.



SOP does not apply to form fields, which is the exploit vector for the Y! mail attack.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: