This post is based on an interesting trick by @typicalrabbit.
UPD: This has been known since 2011, but not fixed yet. Why?! I made a PoC to demonstrate the severity.
TL;DR: this works precisely like regular clickjacking. You click on a transparent Flash object, and that click allows access to the camera/audio channel. Voilà, the attacker sees and hears you.
This is not a stable exploit (tested on Mac and Chrome; I do use Mac and Chrome, so this is a big deal anyway).
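A defender-side check for the pattern described above, as an added example that is not part of the original post or its PoC: it flags `<object>`/`<embed>` elements that are rendered and clickable but effectively invisible. The 0.1 opacity threshold, the function names and the sample tree are assumptions made for illustration.

```javascript
const PLUGIN_TAGS = new Set(["OBJECT", "EMBED"]);

// Opacity multiplies down the tree: a wrapper at 0.01 hides the plugin inside it.
function effectiveOpacity(el, getStyle) {
  let opacity = 1;
  for (let node = el; node; node = node.parentElement) {
    const value = parseFloat(getStyle(node).opacity);
    if (!Number.isNaN(value)) opacity *= Math.min(Math.max(value, 0), 1);
  }
  return opacity;
}

// display:none on the element or any ancestor removes it from the page entirely.
function isRendered(el, getStyle) {
  for (let node = el; node; node = node.parentElement) {
    if (getStyle(node).display === "none") return false;
  }
  return true;
}

// Heuristic (assumption): a plugin element that is rendered and can receive
// clicks, but is (almost) invisible, matches the transparent-object pattern.
function findHiddenClickablePlugins(elements, getStyle, threshold = 0.1) {
  return elements.filter((el) => {
    if (!PLUGIN_TAGS.has(el.tagName.toUpperCase())) return false;
    const style = getStyle(el);
    if (!isRendered(el, getStyle)) return false;
    if (style.visibility === "hidden" || style.pointerEvents === "none") return false;
    return effectiveOpacity(el, getStyle) < threshold;
  });
}

// Constructed sample tree (plain objects standing in for DOM nodes).
function demo() {
  const node = (id, tagName, style, parentElement = null) => ({ id, tagName, style, parentElement });
  const body = node("body", "BODY", { opacity: "1", display: "block" });
  const wrapper = node("wrap", "DIV", { opacity: "0.01", display: "block" }, body);
  const sample = [
    node("overlay", "OBJECT", { opacity: "1", display: "block" }, wrapper), // hidden via its parent
    node("player", "EMBED", { opacity: "1", display: "block" }, body),      // ordinary visible plugin
    node("inert", "OBJECT", { opacity: "0", display: "block", pointerEvents: "none" }, body),
    node("gone", "EMBED", { opacity: "0", display: "none" }, body),
  ];
  return findHiddenClickablePlugins(sample, (el) => el.style).map((el) => el.id);
}
```

In a browser, pass `[...document.querySelectorAll("object, embed")]` as the elements and `(el) => getComputedStyle(el)` as `getStyle`.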
Your photo can be saved on our servers but we don't do this in the PoC. (Well, we had an idea to charge $1 for deleting a photo but it would not be fun for you). Donations are welcome though.
Proof of Concept (not safe for work a bit)
Wait a minute! Hire us for security stuff.
