A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
Published:
15 December 2000 y., Friday
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
The exploit--called a "timing attack"--allows an unethical Web site to play 20 questions (or more) with a person's browser and check whether the surfer has recently viewed any sites from a predetermined list. An employer could use the technique on internal Web sites to see whether any employees have been visiting the competition's job listings. A Web portal could check whether a person has recently visited any of its sponsors.
"The attacks allow any Web site to determine whether or not each visitor has recently visited some other site" or set of sites, Edward Felten, a professor of computer science at Princeton University, and Michael Schneider, a graduate student, wrote in a paper published at a technical conference last month. "The attacker can do this without the knowledge or consent of either the user or the other site," they wrote. The attack takes advantage of the data caches used by browsers to speed access to recently visited Web sites. Caching is a technique that stores copies of frequently accessed data in a nearby location, whether on a person's PC or on a server on the local area network. The ability to store recently viewed items significantly reduces the amount of data that has to move over the Internet.
Šaltinis:
two.digital.cnet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
Gemalto teaming up with two banking technology leaders to help banks in Venezuela move to a new, high-tech smart credit card that will better protect their customers from fraud and identity theft.
more »
The new Bull HPC-FF1 supercomputer with 100 Teraflops-capacity will host applications for the European Union Fusion community.
more »
Gemalto, the world leader in digital security today announced its revenue for the full year and fourth quarter of 2008.
more »
Wincor World 2009, which was held in Paderborn from January 20 to 22, has once more proven to be the place where experts from retail banking and retailers gather, even in times of economic crisis.
more »
Motorola Inc. announced it has been recognized with one of the world’s foremost industrial design honors, an iF product design award.
more »
The EU’s antiterrorism coordinator, Gilles de Kerchove, and Interpol representatives, will brief MEPs on Thursday about progress in combating terrorism.
more »
The Tesco retail chain in Poland has chosen Wincor Nixdorf to maintain its 4,600-strong estate of POS systems and servers from different vendors.
more »
Gemalto, the world leader in digital security, announces it will deliver an additional one million of its latest generation electronic ID cards for citizens and residents of the Kingdom of Bahrain.
more »
CAXA increases sales and reduces costs with Aladdin HASP SRM.
more »
Bull extends the deployment of Comptel Dynamic OSS, at the heart of the telco's information systems.
more »