On the Disparity of Display Security in Mobile and Traditional Web Browsers
MetadataShow full item record
Mobile web browsers now provide nearly equivalent features when compared to their desktop counterparts. However, smaller screen size and optimized features for constrained hardware make the web experience on mobile browsers significantly different. In this paper, we present the first comprehensive study of the display-related security issues in mobile browsers. We identify two new classes of display-related security problems in mobile browsers and devise a range of real world attacks against them. Additionally, we identify an existing security policy for display on desktop browsers that is inappropriate on mobile browsers. Our analysis is comprised of eight mobile and five desktop browsers. We compare security policies for display in the candidate browsers to infer that desktop browsers are significantly more compliant with the policies as compared to mobile browsers. We conclude that mobile browsers create new security challenges and are not simply miniature versions of their desktop counterparts.