Browsers & browsing history: released 4 0day

Browsers & browsing history: A team of researchers from Stanford and San Diego Universities have published a survey for Browser history re: visited.

The researchers with τους, αποκαλύπτουν στο κοινό τέσσερις νέες και λειτουργικές through the browsing history of the browsers.
Browsers

Leak attacks affect all modern περιήγησης που δεν εμποδίζουν την αποθήκευση του ιστορικού περιήγησης. Με λίγα λόγια, ο , ο Chrome, ο Internet Explorer και ο Edge είναι ευάλωτες while Tor Browser is not.

Most web browsers log the websites they visit by default. It is a feature used for convenience by the browser. When the type in the address bar browsers remember the exact address and even suggest it in an autofill function.

Let's look at the attacks on your browsing history

The first attack discovered by the researchers uses the CSS Paint API to determine if a particular URL was visited by the user.

The second attack uses 3D CSS transforms, a που κυκλοφόρησε με την έκδοση CSS 3. Ένας εισβολέας συλλέγει 3D CSS και τα μετασχηματίζει σε άλλα CSS για να δημιουργήσει στοιχεία s.

The third attack uses SVG images and the CSS fill rule. The attack uses an SVG image inside a login element and a "set of CSS fill rules".

The fourth and last attack uses Chrome's bytecode cache to determine whether a JavaScript source file has previously been loaded into the browser.

All four attacks have one audience: they must specify the URLs to control them. None of them can retrieve a user's entire browsing history.

How effective are these attacks? Researchers say one of these attacks can determine the 6000 address status per second.

Researchers have reported vulnerabilities to browser developers, but it will take months to get the necessary fixes.

____________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).