A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
Published:
15 December 2000 y., Friday
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
The exploit--called a "timing attack"--allows an unethical Web site to play 20 questions (or more) with a person's browser and check whether the surfer has recently viewed any sites from a predetermined list. An employer could use the technique on internal Web sites to see whether any employees have been visiting the competition's job listings. A Web portal could check whether a person has recently visited any of its sponsors.
"The attacks allow any Web site to determine whether or not each visitor has recently visited some other site" or set of sites, Edward Felten, a professor of computer science at Princeton University, and Michael Schneider, a graduate student, wrote in a paper published at a technical conference last month. "The attacker can do this without the knowledge or consent of either the user or the other site," they wrote. The attack takes advantage of the data caches used by browsers to speed access to recently visited Web sites. Caching is a technique that stores copies of frequently accessed data in a nearby location, whether on a person's PC or on a server on the local area network. The ability to store recently viewed items significantly reduces the amount of data that has to move over the Internet.
Šaltinis:
two.digital.cnet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
According to the council's report, ATM-skimming fraud, which involves illicitly copying ATM card information stored on magnetic stripes, is increasing in Europe.
more »
Building on the success of the recent HP TouchSmart PC for the home, HP today introduced the market’s first all-in-one, touch-enabled desktop PC for businesses.
more »
Microsoft Corp. Chief Executive Officer Steve Ballmer announced the beta availability of the Windows 7 operating system as well as the availability of the latest version of the Windows Live, a suite of personal communications services and applications.
more »
Cash-cycle management, branch optimization, sales/marketing consultation and automation, automated checkout and managed services are expected highlights for January's Wincor World 2009.
more »
We all need to better understand the media we are touched by daily, especially the young, says Austrian Socialist Christa Prets. MEPs backed her report on “media literacy in a digital world” on Tuesday.
more »
Since October, readers of the European Parliament's web pages have had access to RSS, which allows them to keep up-to-date with what is going on via a free subscription.
more »
Fox and Motorola collaboration results in first all-HD programming distribution strategy.
more »
Wincor Nixdorf has won a contract to integrate its cash management solution, consisting of staff-assisted self-service terminals, software and comprehensive services, in the checkout zones and IT operations of Shell Deutschland’s 1,300 service stations.
more »
The role that the internet can play in parliamentary democracy was explored this week when 400 people gathered in Brussels for the annual “e-Parliament conference”.
more »
The EU’s new digital library brings vast treasure trove of historical documents, rare and valuable manuscripts and exquisite cultural artefacts to your desk.
more »