Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I find the fact that you can do this in the DOM without special permissions kind of spooky! Does that mean that websites can be grabbing my screen if they are running in the background?

Thanks for your detailed writeup! I bought the app and am gonna use it!



websites can't grab your screen (say, they can't grab what you have on your excel window, or what's your taskbar, etc), but they can grab what is inside their browser tab. Which is what his example is doing.


I think the Window Server hack they are doing could definitely be used for interesting exploits. He isn't just recording the DOM that's for sure.


There's a service called Smartlook (https://www.smartlook.com/) that does exactly this, at scale, for user analytics.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: