NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
AI World Domination Starts with Your Font Settings (github.com)
5 points by IkanRiddle 9 days ago | 2 comments
Someone 9 days ago [-]
So, can one skip “Step 2 · Malicious Font Installation” by using a web font in step 1?
IkanRiddle 6 days ago [-]
No — web fonts bypass the Preferences mechanism entirely, which means you lose the cross-site persistence that makes Step 1 valuable. A web font attack is a different chain (CSS injection → malicious @font-face → GSUB) with a different threat model and narrower scope. P.S. Sorry I missed this earlier — thanks for the comment, really appreciated it!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 14:28:21 GMT+0000 (UTC) with Wasmer Edge.