Browsers & browsing history: A team of researchers from Stanford and San Diego Universities have published a survey for Browser history re: visited.
The researchers, with their study, reveal to the public four new and functional attacks through browsers' browsing history.
Leak attacks affect all modern programs browsing that do not prevent browsing history from being saved. In short, Firefox, Chrome, Internet Explorer and Microsoft Edge are vulnerable applications while Tor Browser is not.
Most web browsers record the websites they visit by default. It is a feature that is used for ease by the browser. When users type in the address bar browsers remember the exact address and even suggest it in an autofill function.
Let's look at the attacks on your browsing history
The first attack discovered by the researchers uses the CSS Paint API to determine if a particular URL was visited by the user.
The second attack uses 3D CSS transforms, a technique which was released with CSS version 3. An attacker collects 3D CSS and transforms it into other CSS to create link elements.
The third attack uses SVG images and the CSS fill rule. The attack uses an SVG image inside a login element and a "set of CSS fill rules".
The fourth and final attack uses the temporary μνήμη bytecode του Chrome για να προσδιορίσει αν ένα αρχείο προέλευσης JavaScript previously loaded in the browser.
All four attacks have one audience: they must specify the URLs to control them. None of them can retrieve a user's entire browsing history.
How effective are these attacks? Researchers say one of these attacks can determine the 6000 address status per second.
Researchers have reported vulnerabilities to browser developers, but it will take months to get the necessary fixes.
____________________
- Windows 10 October updates 6 week in October
- Open Secure-K OS operating on USB
- Google responsible for the death of CIA agents
