[whatwg] Full Screen API Feedback
Henri Sivonen
hsivonen at iki.fi
Sun May 15 06:46:01 PDT 2011
On May 13, 2011, at 19:17, Eric Carlson wrote:
>> I don't know of exploits in the wild, but I've read about
>> proof-of-concept exploits that overwhelmed the user's attention visually
>> so that the user didn't notice the "Press ESC to exit full screen"
>> message. This allowed subsequent UI spoofing. (I was unable to find the
>> citation for this.)
>>
> Maybe you were thinking of this: http://www.bunnyhero.org/2008/05/10/scaring-people-with-fullscreen/.
I'm not sure if that's the exact demo I have seen before, but it uses the same idea as the demo I've seen before.
--
Henri Sivonen
hsivonen at iki.fi
http://hsivonen.iki.fi/
More information about the whatwg
mailing list