A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
Published:
15 December 2000 y., Friday
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
The exploit--called a "timing attack"--allows an unethical Web site to play 20 questions (or more) with a person's browser and check whether the surfer has recently viewed any sites from a predetermined list. An employer could use the technique on internal Web sites to see whether any employees have been visiting the competition's job listings. A Web portal could check whether a person has recently visited any of its sponsors.
"The attacks allow any Web site to determine whether or not each visitor has recently visited some other site" or set of sites, Edward Felten, a professor of computer science at Princeton University, and Michael Schneider, a graduate student, wrote in a paper published at a technical conference last month. "The attacker can do this without the knowledge or consent of either the user or the other site," they wrote. The attack takes advantage of the data caches used by browsers to speed access to recently visited Web sites. Caching is a technique that stores copies of frequently accessed data in a nearby location, whether on a person's PC or on a server on the local area network. The ability to store recently viewed items significantly reduces the amount of data that has to move over the Internet.
Šaltinis:
two.digital.cnet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
Wincor Nixdorf supports banks in networking their delivery channels and enables new customer services by continuously developing its ProClassic/Enterprise Retail Banking Solution Suite.
more »
From the opening of new branches to their operation and modernization – Wincor Nixdorf presents its end-to-end offer for a branch’s entire lifecycle and shows what state-of-the-art branch design can look like.
more »
Visa will hold its first one-day Key Management Training series in conjunction with ATMIA.
more »
The United States is at the center of many conversations in Europe these days.
more »
Wincor Nixdorf is moving toward the new European standard EPAS (Electronic Protocols Application Software), which is now available as part of the introduction of SEPA for integrating cashless payment solutions in checkouts.
more »
Wincor Nixdorf expands Professional Services portfolio.
more »
Over the years, Wincor World has developed into a premier branch event. It is an important communications forum for the 40 partner companies participating in the event and provides an ideal platform for exhibiting more than 600 IT solutions and services.
more »
Three-tier concept for more security.
more »
The transfer and processing of transactions with debit and credit cards generates a high administration overhead for financial institutes and retail companies alike, and also requires a suitable IT infrastructure.
more »
International Education Assessment Leaders PISA and TIMSS Endorse Project, Plan to Incorporate Key Findings into Next Versions of International Benchmarks
more »