3

I'm thinking of using either sessionStorage or localStorage to store some important user data.

The extension's functionality will only work in the context of a particular website that defaults to HTTPS.

The data isn't confidential but I want to make sure that it cannot be modified or deleted by a malicious attacker because it is fundamental to the operation of the extension.

What precautions do I need to take?

user5508297
  • Formatting the drive will definitely remove the data. So too might deleting the user or uninstalling the app. Can you be more specific? Do you mean deleted or modified by other applications? By other websites? By a browser extension? By a non-admin user? – Neil Smithline Jun 30 '16 at 00:55
  • Hi @NeilSmithline, thanks for your comment. I've just edited the title and body of my post to make it clearer what I mean. Please let me know if you'd like me to be even more specific. – user5508297 Jun 30 '16 at 00:58
  • Who is the supposed "attacker" here? The user? A malware installed in the user's system? Or someone trying to MITM? Is the connection between the server and the client encrypted? – Lie Ryan Jun 30 '16 at 02:19
  • I think Ryan did a good job answering. If that's not what you meant, edit your question to clarify. – Neil Smithline Jun 30 '16 at 03:35
  • Hi everyone, I've just edited my post to make it clearer. Apologies for the rather vague original question - I posted it last night when I was tired. – user5508297 Jun 30 '16 at 14:27

1 Answer

6

The user can modify and delete anything stored in their browser. Any malware installed in the user's system with the user's privilege can also do so.

The system administrator can also modify and delete anything stored in any user's browser. Any malware with the administrator's privilege can do the same.

Another non-privileged user on the same system generally won't be able to modify or delete another user's browser storage; however, there are a number of other avenues of attack that might be possible when an attacker has unfettered physical access, so don't rely heavily on it.

An attacker MITMing an unencrypted connection between the user and your server can, in some limited circumstances, modify and delete this storage.

An attacker MITMing a properly encrypted connection between the user and your server would not be able to do so. Improperly configured encryption may not give you effective security, so make sure you configure your encryption correctly and train your users not to ignore certificate errors and warnings.

Lie Ryan
  • Nice answer! Why only "under some limited circumstances"? Just inject some JS that modifies it into a page. Also, I think a mention about using XSS would be appropriate. – Anders Jun 30 '16 at 06:56
  • Thank you for the reply Lie Ryan. I agree with @Anders - very informative. I've just updated my original question (which was rather vague before) - do the new details I've mentioned change your answer? – user5508297 Jun 30 '16 at 14:30