> With a bit of creativity, practically anything is possible! You’re right in 
> that the JS could not have DIRECT access to the user’s file system, but as 
> explained in 
>
> https://nakedsecurity.sophos.com/2016/06/20/ransomware-thats-100-pure-javascript-no-download-required/,
>  
> one could simply use JS to connect to a server to install a malicious exe, 
> which it could then run. 
> Essentially, the JS could easily apply a cipher to the file to thus 
> “encrypt it”, and use the exe to rewrite the file content with this 
> encrypted text. 
> The exe could also handle deletion of backups, or pretty much anything 
> else needed. 
>

Hmm, that article is about tricking users into double-clicking on .JS files 
so that they run under the Windows Scripting Host, and doesn't really cover 
the situation of TiddlyWiki.

Best wishes

Jeremy


>
> On Sat, Aug 21, 2021 at 7:02 PM Scott Simmons (Secret-HQ) <
> [email protected]> wrote:
>
>> On Tuesday, August 17, 2021 at 9:12:15 AM UTC-4 [email protected] wrote:
>>
>> What makes this more dangerous than the iframe is that it has DIRECT 
>>> ACCESS to your TW instance, so practically anything can be done. For 
>>> example, I could steal your tiddlywiki instance, encrypt it, and hold it 
>>> for ransom, as soon as your page loaded.
>>>
>>
>> Just to make sure I'm understanding correctly:  That *particular* attack 
>> wouldn't yield much fruit, would it?  The attacker would have an encrypted 
>> version of TiddlyWiki only xe could access, but the original user would 
>> still have the version xe opened on xir local hard drive or the Web site xe 
>> loaded the page from in the first place.  All that would be encrypted for 
>> ransom would be the session-specific instance of that file, not the source 
>> file (which the browser can't encrypt and save over on the fly).
>>
>> Or am I misunderstanding?
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/tiddlywiki/9f71bb5b-0882-41f5-ac01-b7e4305f0cb5n%40googlegroups.com.
