Browsers & browsing history: A team researchers from Stanford and San Diego Universities have published a survey for browser history (Browser history re:visited).
The researchers, with their study, reveal to the public four new and functional attacks through browsers' browsing history.
Leak attacks affect all modern browsers that do not prevent your browsing history from being saved. In short, Firefox, Chrome, Internet Explorer and Microsoft Edge are vulnerable applications while Tor Browser is not.
Most web browsers log the websites they visit by default. It is one feature που χρησιμοποιείται για ευκολία από το πρόγραμμα περιήγησης. Όταν οι χρήστες πληκτρολογούν στη γραμμή διευθύνσεων οι browsers θυμούνται την ακριβή διεύθυνση και μάλιστα την προτείνουν σε μια λειτουργία autofill.
Let's look at the attacks on your browsing history
The first attack discovered by the researchers uses the CSS Paint API to determine if a particular URL was visited by the user.
The second attack uses 3D CSS transformations, a technique released with CSS version 3. An attacker collects 3D CSS and transforms it into other CSS to create elements connections.
The third attack uses SVG images and the CSS fill rule. The attack uses a picture SVG inside a link element and a “string of CSS padding rules”.
The fourth and last attack uses Chrome's bytecode cache to determine whether a JavaScript source file has previously been loaded into the browser.
All four attacks have one audience: they must specify the URLs to control them. None of them can retrieve a user's entire browsing history.
How effective are these attacks? Researchers say one of these attacks can determine the 6000 address status per second.
Researchers have reported vulnerabilities to browser developers, but it will take months to get the necessary fixes.
____________________
- Windows 10 October updates 6 week in October
- Open Secure-K OS operating on USB
- Google responsible for the death of CIA agents
