Open manuelvsousa opened 3 years ago
Could be interesting. :D Cache timings can be used to detect the websites a user has visited even with tor using window timings. https://www.usenix.org/conference/soups2020/presentation/bird
https://supercookie.me/workwise seems like a good way to fingerprint users.
Some XS-Leaks are not state-dependent and can be used to leak information about internal networks, for example, with port scanning
The wiki currently focuses on web applications and their behaviors based on user information which is strictly connected with user sessions (cookies). The wiki could have a dedicated spot to address a different perspective around XS-Leaks.
Feel free to share any ideas about this.