A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
Published:
15 December 2000 y., Friday
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
The exploit--called a "timing attack"--allows an unethical Web site to play 20 questions (or more) with a person's browser and check whether the surfer has recently viewed any sites from a predetermined list. An employer could use the technique on internal Web sites to see whether any employees have been visiting the competition's job listings. A Web portal could check whether a person has recently visited any of its sponsors.
"The attacks allow any Web site to determine whether or not each visitor has recently visited some other site" or set of sites, Edward Felten, a professor of computer science at Princeton University, and Michael Schneider, a graduate student, wrote in a paper published at a technical conference last month. "The attacker can do this without the knowledge or consent of either the user or the other site," they wrote. The attack takes advantage of the data caches used by browsers to speed access to recently visited Web sites. Caching is a technique that stores copies of frequently accessed data in a nearby location, whether on a person's PC or on a server on the local area network. The ability to store recently viewed items significantly reduces the amount of data that has to move over the Internet.
Šaltinis:
two.digital.cnet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
Microsoft's Bing search engine will be the sole provider of search and paid search technology for all of Yahoo's websites. Yahoo will sell premium search ads for both companies.
more »
Thales UK today announces that its Cat III Instrument Landing System (ILS)1 has received UK approval for installation at Bournemouth Airport.
more »
Postbank customers can now pay their fuel bills at Shell service stations and withdraw cash as stations in Hamburg, Germany, have been converted to the new technology from Wincor Nixdorf International.
more »
Japanese company Crescent has simulated a series of emergency situations that people may have to deal with in the workplace. By practicing with these simulations they can learn how to cope with a real-life crisis.
more »
The touchscreen device built on Google's Android platform equates to a bold attempt by HTC to take on Apple's popular iPhone - not by creating a copycat - but by building an attractive alternative.
more »
A devious piece of criminal coding that has been quietly at work in a clutch of ATMs at banks in Russia and Ukraine has recently been discovered.
more »
In the person-to-person transfer business, text messaging is so 2008.
more »
Bank Central Asia, one of Indonesia's largest banks, has partnered with Wincor Nixdorf International to rejuvenate its branch network.
more »
What's cooking at Tokyo's International Food Machinery and Technology Expo? For this robo-chef, it's okonomiaki, Japanese pancakes.
more »
Taking attendance at Aoyama University used to be a chore, but no longer as the Japanese school is giving over 500 iPhones to students and faculty in an effort to enhance the classroom experience.
more »