View Full Version : Visited Porn? Browser Flaw Secretly Bares All

12-10-2010, 11:36 AM
Visited Porn? Browser Flaw Secretly Bares All

Published December 05, 2010

SAN FRANCISCO Dozens of websites have been secretly harvesting lists of places that their users previously visited online, everything from news articles to bank sites to pornography, a team of computer scientists found.

The information is valuable for con artists to learn more about their targets and send them personalized attacks. It also allows e-commerce companies to adjust ads or prices for instance, if the site knows you've just come from a competitor that is offering a lower price.

Although passwords aren't at risk, in harvesting a detailed list of where you've been online, sites can create thorough profiles on its users.

The technique the University of California, San Diego researchers investigated is called "history sniffing" and is a result of the way browsers interact with websites and record where they've been. A few lines of programming code are all a site needs to pull it off.

Although security experts have known for nearly a decade that such snooping is possible, the latest findings offer some of the first public evidence of sites exploiting the problem. Current versions of the Firefox and Internet Explorer browsers still allow this, as do older versions of Chrome and Safari, the researchers said.

The report adds to growing worry about surreptitious surveillance by Internet companies and comes as federal regulators in the U.S. are proposing a "Do Not Track" tool that would prevent advertisers from following consumers around online to sell them more products.

The researchers found 46 sites, ranging from smutty to staid, that tried to pry loose their visitors browsing histories using this technique, sometimes with homegrown tracking code. Nearly half of the 46 sites, including financial research site Morningstar.com and news site Newsmax.com, used an ad-targeting company, Interclick, which says its code was responsible for the tracking.

Interclick said the tracking was part of an eight-month experiment that the sites weren't aware of. The New York company said it stopped using the technique in October because it wasn't successful in helping match advertisers to groups of Internet users. Interclick emphasized that it didn't store the browser histories.

Morningstar said it ended its relationship with Interclick when it found out about the program, and NewsMax said it didn't know that history sniffing had been used on its users until The Associated Press called. NewsMax said it is investigating.

The researchers studied far more sites a total of the world's 50,000 most popular sites and said many more behaved suspiciously, but couldn't be proven to use history sniffing. Nearly 500 of the sites studied had characteristics that suggested they could infer browsers' histories, and more than 60 transferred browser histories to the network. But the researchers said they could only prove that 46 had done actual "history hijacking."

Read more: http://www.foxnews.com/scitech/2010/12/05/visited-porn-web-browser-flaw-secretly-bares/#ixzz17iuzEqgf

12-10-2010, 02:41 PM
Firefox with script blocking and ad blocking ends most of this. :)

12-10-2010, 02:43 PM
Poli's porn excursions are safe.

12-10-2010, 02:59 PM
Poli's porn excursions are safe.

:D I was referring to the ad tracking :p

12-10-2010, 03:43 PM
Poli's porn excursions are safe.He's much too old for porn !

12-10-2010, 03:44 PM
He's much too old for porn !

:rolleyes::rolleyes:yea 28 is really old. :rolleyes::rolleyes:

Bubba Dawg
12-10-2010, 08:41 PM
You're never too old for porn.

I've accidentally clicked on a couple of porn sites before.

I was shocked. Shocked. :eek:

12-10-2010, 08:46 PM
:rolleyes::rolleyes:yea 28 is really old. :rolleyes::rolleyes:

You get so much upskirt in real life that the porn sites offer you very little thrill!

12-10-2010, 09:23 PM
You're never too old for porn.

I've accidentally clicked on a couple of porn sites before.

I was shocked. Shocked. :eek: much tamer than you're used to? :D

Bubba Dawg
12-10-2010, 09:26 PM
much tamer than you're used to? :D

NO!!! :eek:

I mean, no. Corse not......um....:D