A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
Published:
15 December 2000 y., Friday
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
The exploit--called a "timing attack"--allows an unethical Web site to play 20 questions (or more) with a person's browser and check whether the surfer has recently viewed any sites from a predetermined list. An employer could use the technique on internal Web sites to see whether any employees have been visiting the competition's job listings. A Web portal could check whether a person has recently visited any of its sponsors.
"The attacks allow any Web site to determine whether or not each visitor has recently visited some other site" or set of sites, Edward Felten, a professor of computer science at Princeton University, and Michael Schneider, a graduate student, wrote in a paper published at a technical conference last month. "The attacker can do this without the knowledge or consent of either the user or the other site," they wrote. The attack takes advantage of the data caches used by browsers to speed access to recently visited Web sites. Caching is a technique that stores copies of frequently accessed data in a nearby location, whether on a person's PC or on a server on the local area network. The ability to store recently viewed items significantly reduces the amount of data that has to move over the Internet.
Šaltinis:
two.digital.cnet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
A number of MEPs urged Internal Market Commissioner Michel Barnier to come up with common rules to regulate cross border online gambling in Europe.
more »
Think before you post as once you do it is online forever. That was the message on Safer Internet Day marked on 9 February by a seminar in the European Parliament.
more »
50% of European teenagers give out personal information on the web – according to an EU study – which can remain online forever and can be seen by anybody.
more »
When did the Commission start working on social networking sites?
more »
ICSA Labs, an independent division of Verizon Business, is the first independent security-product testing and certification laboratory to earn ISO/IEC 17025 accreditation, validating the laboratory's world-class capabilities.
more »
From today, European citizens, businesses and organisations can register .eu website names using characters from all 23 official languages of the European Union.
more »
Authorities investigated 301 mobile phone services websites in follow-up to EU crackdown on misleading consumer practices.
more »
After nearly 2 years of legislative work the Telecom Package is due to be put to a final vote in Parliament on 24 November in Strasbourg.
more »
The Christian Science Monitor reports that three men have been named as being the masterminds behind the hacking of RBS WorldPay, a subsidiary of the Royal Bank of Scotland.
more »
BAI’s Banking Strategies Insights reports that banks must get serious about improving their ATMs, especially in the area of envelope-free deposit.
more »