Matryoshka: Wrapping Overflow Leak on Frames (sirdarckcat.blogspot.com)
63 points by sirdarckcat on Sept 23, 2013 | 7 comments


Fascinating.

Is it correct to say that extracting information about the text in a target iframe using this attack depends on knowing the pixel widths of all the characters in the font used in an arbitrary line of text in the target iframe?


It is even more complex, as the width of a text in most fonts also varies with the specific order of the characters because of kerning (VAI takes less space than VIA, because the A is placed closer to the V in the former) and ligatures (for example, the dot of the i in "fi" is often swallowed by the f).


From the headline, I first thought about the MKV video container and video frames. :)


Good thing I do not run JavaScript, esp. when items are fetched from other domains:

http://postimg.org/image/3m9v8eyrx/

I wonder how many people are still naive, and just leave JS on, no questions asked.


Q: How do you know when an HN user browses the Web with JavaScript turned off?

A: They'll tell you.


Yahoo found in 2010: 98%+, depending on country

http://stackoverflow.com/questions/9478737/browser-statistic...


Could the browser make small fractional random changes (+/-1 px) to the requested iframe size to avoid this attack?

