[cryptography] crypto.cat

James A. Donald jamesd at echeque.com
Sat Mar 31 20:54:22 EDT 2012

On 2012-04-01 7:51 AM, natanael.l at gmail.com wrote:
> It's running in a browser using JS...

To attack JS, the attacker needs to induce the victim to open the 
attackers web page at the same time as the attacked web page, and 
successfully apply a cross site scripting attack.  The simplicity of the 
crypto.cat web page is apt to make cross site scripting attacks difficult.

More information about the cryptography mailing list