Security researchers have been warning about vulnerabilities and issues related to JavaScript and iframes for years, but the problem is much more serious than many people realize. At the Black Hat 2013 conference, UK-based security researcher Paul Stone claimed that he had developed a new technique that combines JavaScript-based timing attacks with other strategies to steal any information from a target user's browser. The attacker can access the source code of any webpage the user is logged into, which may contain various sensitive details such as user IDs and personal information. Stone stated that the attack affects all major browsers, and there is no simple fix available.