This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Security researchers at imec-DistriNet Research Group have discovered the vulnerabilities in e-book reading systems that allow hackers to exploit the user’s system by targeting the specific aspects of the electronic publication (EPUB).
Security researchers Gertjan Franken, Tom Van Goethem, and Wouter Joosen published a research paper that reads that e-book reading systems have similar flaws to web browsers. The electronic publication (EPUB) format depends primarily on XHTML and CSS (Cascading Style Sheets) to design e-books, with browser engines often used to render their contents.
Unfortunately, none of the e-book reading systems researchers properly followed the EPUB specification’s security guidelines. The researchers used the semi-automated testbed to identify that 16 of the 97 systems allowed an EPUB to leak information about the user’s file system, and in eight cases, extract file contents. Researchers warned that hackers could easily achieve full e-book reading systems.
“Of course, the significance depends on the platform that is used; e-readers generally won’t contain sensitive files, while smartphones could contain private pictures,” Franken told The Daily Swig. The team also carried out a manual evaluation of the most popular EPUB reading applications on Amazon Kindle, Apple Books, and the EPUBRea
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Security Experts Unearthed the Flaws in EPUB Similar to Web Browsers