@dangoodin I just read through the article; my takeaway is "programs running an HTTP listener on localhost without authentication are an old problem that was thought to have been addressed, but a vector was missed".
Firefox is the illustrative case here - it had no feature to protect these insecure localhost services in the first place.
Other browsers had implemented a mitigation to prevent them from being used to exploit these kinds of services, I assume back when DNS rebinding attacks were the new hotness.
Vulnerable localhost services were still vulnerable, and it turns out the mitigation to protect them was incomplete.
The one angle I do see is developers thinking it's okay not to have auth on the localhost service because websites can't trigger access to it. Turns out this was a bad assumption, but it never should have been relied upon in the first place.