  • 5
    Thank you. Can you elaborate? Of course all threats bar those I mitigated remain. That's exactly what I'm asking about. What are those threats? You mentioned CSRF. What else is there, again, assuming the attacker is outside and does not have a valid cert for the server? I understand that the insider threats exist. I just want to limit the scope of the question. I first want to make sure I considered all reasonable threats that fall within the scope of the question. Commented Nov 13, 2024 at 0:34
  • 5
    @IamNaN: Like I said, CSRF breaks the barrier between “inside” and “outside”, so making this distinction isn’t useful and probably even counterproductive. Proxies, firewalls, strong authentication etc. are all reasonable security measures, but the web application cannot rely on them. When you assess the security of the application, assume that an attacker can send any request they want. This means you have to deal with the same threats as any other web application. If you’re not sure what those threats are, the OWASP Top 10 are a good starting point. Commented Nov 13, 2024 at 1:26
  • @IamNaN Unfortunately, not only is the current threat landscape vast, it's constantly changing (generally getting larger). A list of all, or even almost all, possible threats doesn't seem feasible in a Stack Exchange answer. If you want to effectively evaluate the attack surface of a system you support, my strong recommendation is to use one or more vulnerability scanning tools and/or services. If you dive into these tools and the supporting documentation, you'll find that there can be thousands of vulnerabilities for a single component of a system. Commented Nov 13, 2024 at 19:22
  • "and private keys do get compromised (especially when users store them as files without proper protection)" The Windows keystore has the ability to store client certs such that the user is allowed to use them in e.g. browser requests but not export the private key (I've read that admin users can work around this). I'm curious what your opinion is on this type of scheme in general and in Windows. Commented Nov 14, 2024 at 22:21
  • 1
    One way to look at it: there is a whole variety of possible attacks, which stem from the fact of using the same application (a browser) for your protected app as well as for executing third-party code (other websites). Most stem from the fact that the code of different websites can interact (CSRF, clickjacking, iframes, parameter injection, ...); some from the fact that code runs in the same process (extensions, timing attacks, out-of-bounds memory access, ...). Commented Nov 15, 2024 at 9:33
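The recurring point in the comments above is that a client certificate and a network perimeter establish who the browser is, not whether the user meant to send the request. The following example is added here and is not code from any of the commenters: a handler that trusts only the TLS-established identity, beside one that also requires same-origin evidence (an `Origin` check plus a CSRF token bound to that identity). The `Request` class, `APP_ORIGIN`, and the `CN=alice` identity are constructed for illustration.

```python
# Added example: why a TLS client cert or an intranet perimeter does not stop
# CSRF. The victim's browser attaches the cert to every request to the app,
# including one a third-party page causes it to submit.
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

APP_ORIGIN = "https://intranet.example"   # hypothetical origin of the protected app


@dataclass
class Request:
    # Identity the TLS layer established from the client cert (constructed value)
    client_cert_subject: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


# Per-deployment secret for deriving CSRF tokens (constructed at import time)
_CSRF_SECRET = secrets.token_bytes(32)


def csrf_token_for(identity: str) -> str:
    """Token bound to the authenticated identity; the app embeds it in its own forms."""
    return hmac.new(_CSRF_SECRET, identity.encode(), hashlib.sha256).hexdigest()


def transfer_naive(req: Request) -> str:
    """Trusts the TLS identity alone, so a cross-site form post succeeds."""
    if not req.client_cert_subject:
        return "rejected: no client cert"
    return f"transferred {req.form['amount']} for {req.client_cert_subject}"


def transfer_hardened(req: Request) -> str:
    """Also demands proof the request came from the app's own pages."""
    if not req.client_cert_subject:
        return "rejected: no client cert"
    # Browsers send Origin on cross-site POSTs; require it to match exactly.
    if req.headers.get("Origin") != APP_ORIGIN:
        return "rejected: cross-site origin"
    expected = csrf_token_for(req.client_cert_subject).encode()
    supplied = req.form.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, expected):
        return "rejected: bad csrf token"
    return f"transferred {req.form['amount']} for {req.client_cert_subject}"


# Constructed inputs: a form auto-submitted by a third-party page (the browser
# still presents alice's cert) versus a form rendered by the app itself.
forged = Request("CN=alice", {"Origin": "https://other.example"}, {"amount": "1000"})
legit = Request("CN=alice", {"Origin": APP_ORIGIN},
                {"amount": "10", "csrf_token": csrf_token_for("CN=alice")})
```

The naive handler accepts `forged` because the cert is valid; the hardened one rejects it on the `Origin` check alone, and would still reject a same-origin request lacking the token.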