A blog describing a lot of vulnerability !

This text is about the dangers of man-in-the-middle attacks on browsers, especially in the scenario of open or rogue wifi networks. The scenario I'm assuming here is something like this:

You are travelling.
You have your notebook/smartphone/... with you.
You don't have an internet connection.
There is an open wifi that you could use.
You just want to check the news.
Maybe you also want to check your webmail or so (over SSL, of course)
Your browser and the plugins in it are fully patched and there's nobody who would attack you with an 0day and has one.
Your browser executes Javascript (by default). (Some of the attacks are possible without that, but the really scary stuff isn't.)

Given this scenario, what could go wrong?
I will show that an attacker could probably effectively gain code execution access to your machine in the long term.

Consider two people on the same open WLAN: Bob and Eve. Eve wants to get Bob to visit a malicious webpage she created so that she can install malware onto Bob’s computer via a drive-by download, or perhaps show a spoofed website to try and steal Bob’s credentials.

Une importante quantité de documents sur la sécurité

Db of public exploit on kernel and program service provider