Tuesday October 21st 2014


Invasive Browser Sniffing


Using a number of sneaky attacks, it is possible for phishers and other Web-based bad guys to figure out which Web sites you regularly visit. While the fact that you frequently visit ESPN may not be a problem, such attack techniques can tell the phisher exactly which online bank you use, allowing her to tailor deception-based phishing emails so that they’re far more likely to dupe you. Below is a great white paper describing this attack from Sid Stamm and Markus Jakobsson. A live interactive demo of their attack can be seen by visiting their Browser Recon page, which will tell you exactly which online banks you’ve logged into in the past. Scary stuff.

“Invasive Browser Sniffing and Countermeasures” (PDF)

Luckily, a few security researchers at Stanford University designed two Firefox extensions, SafeCache and SafeHistory, to stop these and similar attacks. They also published a research paper, “Protecting Browser State from Web Privacy Attacks,” which explains all of the issues related to these kinds of privacy threats.

The SafeCache browser extension protects your privacy by silently defending against cache-based tracking techniques. It allows embedded content to be cached, but segments the cache according to the domain of the originating page. The SafeHistory browser extension protects your privacy by silently defending against visited-link-based tracking techniques. It allows offsite visited links to be marked only if the browser’s history database contains a record of the link being followed from the current site.
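To make the two partitioning rules concrete, here is an added model of them in plain JavaScript. It is not code from the SafeHistory or SafeCache extensions; the partition key (the originating page's hostname) and all URLs are assumptions constructed for the demo.

```javascript
// Added example, not the extensions' own code: a model of the SafeHistory and
// SafeCache policies. Partition key = hostname of the originating page (assumption);
// every URL below is constructed for the demo.
function site(pageUrl) {
  return new URL(pageUrl).hostname; // "domain of the originating page"
}

// SafeHistory policy: an offsite link is shown as visited only if the history
// records that link being followed from the current site.
class SafeHistory {
  constructor() { this.visited = new Set(); this.followedFrom = new Set(); }
  visit(url) { this.visited.add(url); }               // typed or bookmarked navigation
  follow(fromPage, url) {                             // link clicked on fromPage
    this.visited.add(url);
    this.followedFrom.add(`${site(fromPage)} -> ${url}`);
  }
  isVisited(currentPage, url) {                       // may currentPage style url as :visited?
    if (!this.visited.has(url)) return false;
    if (site(currentPage) === site(url)) return true; // same-site links: ordinary behaviour
    return this.followedFrom.has(`${site(currentPage)} -> ${url}`);
  }
}

// SafeCache policy: embedded content is cached, but keyed by the originating page's
// domain, so a hit on one site never reveals a fetch made on behalf of another site.
class SafeCache {
  constructor() { this.entries = new Map(); }
  key(originPage, resource) { return `${site(originPage)} | ${resource}`; }
  store(originPage, resource, body) { this.entries.set(this.key(originPage, resource), body); }
  hit(originPage, resource) { return this.entries.has(this.key(originPage, resource)); }
}

function demo() {
  const history = new SafeHistory();
  history.visit("https://bank.example/login");                             // logged in directly
  history.follow("https://news.example/", "https://bank.example/promo");   // clicked from a news site
  const cache = new SafeCache();
  cache.store("https://bank.example/", "https://bank.example/logo.png", "<image bytes>");
  return {
    bankSeesLogin: history.isVisited("https://bank.example/", "https://bank.example/login"),
    thirdPartySeesLogin: history.isVisited("https://thirdparty.example/", "https://bank.example/login"),
    newsSeesPromo: history.isVisited("https://news.example/", "https://bank.example/promo"),
    thirdPartySeesPromo: history.isVisited("https://thirdparty.example/", "https://bank.example/promo"),
    bankCacheHit: cache.hit("https://bank.example/", "https://bank.example/logo.png"),
    thirdPartyCacheHit: cache.hit("https://thirdparty.example/", "https://bank.example/logo.png"),
  };
}
```

The bank's own pages still see their visited links and cached resources, the news site sees only the link the user actually followed from it, and an unrelated third-party page gets neither a visited mark nor a cache hit.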

Both extensions are easy to install, require no configuration, and have no negative side effects. It is pretty shameful that more than a year after the Stanford researchers released their extensions, the Firefox team has still not merged the code from these projects into the mainline Firefox browser.
