A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
Published:
15 December 2000 y., Friday
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
The exploit--called a "timing attack"--allows an unethical Web site to play 20 questions (or more) with a person's browser and check whether the surfer has recently viewed any sites from a predetermined list. An employer could use the technique on internal Web sites to see whether any employees have been visiting the competition's job listings. A Web portal could check whether a person has recently visited any of its sponsors.
"The attacks allow any Web site to determine whether or not each visitor has recently visited some other site" or set of sites, Edward Felten, a professor of computer science at Princeton University, and Michael Schneider, a graduate student, wrote in a paper published at a technical conference last month. "The attacker can do this without the knowledge or consent of either the user or the other site," they wrote. The attack takes advantage of the data caches used by browsers to speed access to recently visited Web sites. Caching is a technique that stores copies of frequently accessed data in a nearby location, whether on a person's PC or on a server on the local area network. The ability to store recently viewed items significantly reduces the amount of data that has to move over the Internet.
Šaltinis:
two.digital.cnet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
60 Percent Believe IT Can Transform How Their Companies Manage Energy Consumption
more »
Aladdin Knowledge Systems Ltd. announced that its shareholders approved the definitive merger agreement, providing for the acquisition of the Company by a Vector Capital affiliate.
more »
Fiserv Inc. says a recent market study shows that banks and credit unions view mobile-deposit capture as a key consumer benefit, and they're looking to it as an extension of remote deposit capture.
more »
Teachers take educational website in new direction.
more »
Today at Mobile World Congress 2009, Microsoft Corp. CEO Steve Ballmer along with key mobile partners, HTC, LG and Orange, unveiled new Windows® phones featuring new user-friendly software and services.
more »
New facility to benefit customer operations in Asia Pacific.
more »
Microsoft has been awarded its 10,000th U.S. patent for a unique way of interacting with surface computers.
more »
Convenience, rather than security, will be the driving force behind the U.K. adoption of new payment methods, according to an independent survey of 1,000 British consumers.
more »
In the first handelsjournal competition for the best products for retail businesses, Wincor Nixdorf’s BEETLE /NetX nd BEETLE /iSCAN systems were awarded gold and silver in the categories environmental friendliness and customer satisfaction.
more »
Seventeen leading websites have agreed to put in place safeguards to protect young people from unwittingly risking their privacy and safety.
more »