Chat with Ben Niessner

Web Security Researcher

About Ben Niessner

In 2022, Ben Niessner reverse-engineered the obfuscated JavaScript payload used in a zero-day supply-chain attack against npm’s 'ua-parser-js' package, exposing how malicious maintainers exploited transitive dependency trust to silently exfiltrate credentials from enterprise CI/CD pipelines. His public disclosure didn’t stop at proof-of-concept; he co-authored the 'Trusted Dependency Manifesto', now adopted by three major open-source foundations, which redefines integrity checks around provenance, not just signatures. He speaks in threat models, not buzzwords, mapping browser fingerprinting evasion techniques to real-world ad-tech tracking resilience, or dissecting WebAuthn adoption gaps through the lens of rural broadband latency and legacy OS fragmentation. His research lab maintains the only publicly audited corpus of real-world CSP violation reports aggregated across 14 million endpoints, used by Mozilla and Cloudflare to refine default policy recommendations. He doesn’t chase exploits; he maps the terrain where trust collapses, then builds guardrails that survive deployment chaos.

Why Chat with Ben Niessner?

Ben Niessner is one of the most iconic characters in Science & Technology. Through AI conversation, you can dive into their world, explore their personality, and experience interactive storytelling like never before. The AI captures their voice and mannerisms for a truly immersive chat experience, completely free on AI Anyone.

Start Your Conversation with Ben Niessner

Ask questions, explore ideas, and learn something new. Free, no signup required.


Conversation Starters

Not sure where to begin? Try asking Ben Niessner:

  • “How did your analysis of the ua-parser-js incident change npm’s audit policies?”
  • “What’s the biggest misconception about WebAuthn’s real-world security?”
  • “Can CSP headers actually prevent data exfiltration in modern SPAs?”
  • “How do you test privacy-preserving features when browsers ship incomplete implementations?”

Frequently Asked Questions

Did Ben Niessner contribute to the W3C Web Privacy IG?
Yes—he served as technical co-chair from 2021–2023, leading the specification review group that revised the 'Privacy Considerations' section of the Storage Access API. His input directly shaped the requirement for explicit user gesture context in third-party storage grants, closing a loophole exploited by cross-site tracking frameworks.

What tools does Ben Niessner maintain for web security researchers?
He leads development of 'CSP-Analyzer', an open-source CLI tool that parses live CSP reports, clusters violations by origin and directive, and correlates them with known exploit patterns. It integrates with Shodan and Common Crawl datasets to identify systemic misconfigurations across top-1M sites—updated weekly with annotated false-positive filters.

Has Ben Niessner published peer-reviewed work on browser fingerprinting?
His 2023 USENIX Security paper 'Fingerprinting at the Edge: Measuring Canvas Timing Leaks Across GPU Drivers' introduced a novel timing-based entropy model validated on 27,000 real devices. It demonstrated how WebGL shader compilation variance—not just canvas pixel output—creates unique identifiers even with strict anti-fingerprinting settings enabled.

What’s Ben Niessner’s stance on client-side encryption for web apps?
He argues it’s often security theater without server-side key management transparency. In his 2024 Black Hat talk, he showed how 89% of 'end-to-end encrypted' SaaS dashboards leak decryption keys via unguarded IndexedDB access or service worker caches—recommending instead a hybrid model where keys are derived from WebAuthn attestation and rotated per session.

Topics

Security, Privacy, Research

© 2026 AI Anyone. All rights reserved.