Xiaoyin Liu is an independent security researcher and bug bounty hunter. He obtained his Bachelor of Science degree in mathematics and computer science from the University of North Carolina at Chapel Hill, in United States. He is mostly interested in hunting logical vulnerabilities in web browsers and other client applications on Windows. He has been acknowledged by Microsoft, Mozilla, Google, and many more. Besides bug hunting, he also likes to contribute to various IT communities, such as open source projects and IETF working group discussions on mailing lists. He is acknowledged as a contributor to RFC 8446 (TLS 1.3 spec) and RFC 8442. In the past, he has given a presentation at BSides Munich 2019.
There are plenty of security features for web browsers. Examples include XSS Filters, Content Security Policy, HTTP Strict Transport Security, and more. Also, there are some browsers that are designed to enhance users’ privacy, such as Tor Browser and Brave Browser. In this presentation, I will talk about five logical vulnerabilities in Chrome, Brave, and Tor Browser, that allow attackers to bypass security features, or to leak user’s private information.