This simple attack can be much more annoying than it looks, due to the popularity of tab-enabled web browsers such as Firefox and IE7.
As you can see, this small script will turn your web browser completely unresponsive and thus force you to kill it. The first instinct will be to restore the crashed session, but that won't be possible, as it will reopen the page with the malicious code. So you will have to start a new session and reopen each tab manually. This small script allows a malicious user to force you to crash your own web browser, losing data (unsent email, a blog post, or any kind of unsaved form data), without you having any option to prevent it.
To solve this situation we need to take a look at what caused it. Let's say the malicious site has been opened in its own web browser instance. In this case you would just kill this instance and continue browsing in the other open windows. But when you have opened several other sites in the same instance using tabs, you will have to close all of them. This happens because there isn't enough separation between tabs: a page loaded in one tab affects all the other open tabs.
In order to fix and prevent this kind of DoS attack, browser developers need to take a new approach to separation between tabs.
- Under no circumstances should one tab be able to affect other tabs' status.
- Also, a tab shouldn't be able to prevent the user from closing it or switching to another tab.
I'm no web browser developer, but this shouldn't be too hard to implement in order to fix such an old, yet annoying problem, which becomes much more annoying in a tabbed web-browsing environment.
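
The two requirements above can be sketched as a small Node.js model. This is an added example, not code from the original post or from any browser. It assumes one OS process per tab and a responsiveness budget after which the parent closes the tab; `runTab`, `runSession`, `restorableTabs` and the sample pages are hypothetical names constructed for the illustration.

```javascript
// Added illustration: each "tab" runs in its own OS process, so a page that
// never yields cannot freeze its siblings, and the parent can always close it.
const { spawnSync } = require('node:child_process');

// Constructed sample pages; the second stands in for a page that never yields.
const SAMPLE_TABS = [
  { title: 'webmail', script: 'console.log("draft still here")' },
  { title: 'unresponsive page', script: 'for (;;) {}' },
  { title: 'blog editor', script: 'console.log("post still here")' },
];

// Run one tab in a child process. If it exceeds the budget, spawnSync kills
// it and reports ETIMEDOUT; the tab gets no say in whether it is closed.
function runTab(tab, budgetMs) {
  const r = spawnSync(process.execPath, ['-e', tab.script], {
    encoding: 'utf8',
    timeout: budgetMs,
  });
  let state = 'ok';
  if (r.error && r.error.code === 'ETIMEDOUT') state = 'closed-by-browser';
  else if (r.error || r.status !== 0) state = 'crashed';
  return { title: tab.title, state, output: (r.stdout || '').trim() };
}

// The parent (the "browser") outlives every tab and collects their results.
function runSession(tabs, budgetMs = 2000) {
  return tabs.map((tab) => runTab(tab, budgetMs));
}

// Session restore reopens only tabs that ended normally, so the page that
// caused the hang is not reloaded automatically.
function restorableTabs(results) {
  return results.filter((r) => r.state === 'ok').map((r) => r.title);
}

const SESSION = runSession(SAMPLE_TABS);
console.log(SESSION);
console.log('restore:', restorableTabs(SESSION));
```

The unresponsive page costs only its own process and the time budget. The other two tabs keep their output, and the restore list leaves the offending page out.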