You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary:
Thank you for designing the Frame Desktop Application and making it open source and available. The application does a great job of using secure preferences when the user navigates to arbitrary websites. We list pointers of concern below that can help make the application more secure.
[IPC Messages]: Since the application uses custom IPC and integrates with multiple Dapps, it will be helpful to verify the sender of each event of IPC messages before handling and responding to them in IPC Main. [Link]
[Encrypting Cookies]: The application stores sensitive cookies on the filesystem. It will be helpful to use a fuse to encrypt cookies. [Link]
Thank you!
Platform(s) Affected:
Windows, Linux, MacOS
–
Mir Masood Ali, PhD student, University of Illinois at Chicago
Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago
Chris Kanich, Associate Professor, University of Illinois at Chicago
Jason Polakis, Associate Professor, University of Illinois at Chicago
The text was updated successfully, but these errors were encountered:
Summary:
Thank you for designing the Frame Desktop Application and making it open source and available. The application does a great job of using secure preferences when the user navigates to arbitrary websites. We list pointers of concern below that can help make the application more secure.
Thank you!
Platform(s) Affected:
Windows, Linux, MacOS
–
Mir Masood Ali, PhD student, University of Illinois at Chicago
Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago
Chris Kanich, Associate Professor, University of Illinois at Chicago
Jason Polakis, Associate Professor, University of Illinois at Chicago
The text was updated successfully, but these errors were encountered: