Security researchers discover new ways your internet browsing history is exposed
02/03/2019 // Edsel Cook // Views

Computer hackers are always looking for ways to get their hands on your Internet browsing history. A Science Daily article reported on four new methods through which a hacker could sniff out what website you last went to.

The "history sniffing" style of hacking is not a new concept. However, the new techniques are much faster and far more effective than their predecessors.

Cyber security experts from the University of California San Diego (UC San Diego) and Stanford University (Stanford) warn that hackers can now recognize your online activity in just a few seconds. The new history sniffing methods are also able to bypass the security measures of the latest web browsers.

All four techniques worked on Google Chrome. Furthermore, two methods were able to beat many other kinds of web browsers. The list of compromised programs included Mozilla Firefox, Microsoft's Internet Explorer and Edge, and the Brave browser.

The Tor browser was the only browser that defeated history sniffing hacking attacks. It was the only one that did not record a user's browsing history to begin with. (Related: U.S. cybersecurity experts scrambling to thwart major attacks on power, water, gas infrastructure by “bolting on” fixes to old vulnerable systems.)

New phishing methods can steal the browsing history of almost any browser

The new attacks are based on "phishing." A cyber criminal will trick an Internet user to reveal login information. The hacker proceeds to scan the history of the compromised browser.

A hacker can do a lot of damage with the browsing history. He can blackmail a user by threatening to reveal information about embarrassing or illegal websites that the latter visited. Or he could redirect a user to a fake version of a legitimate website.

Brighteon.TV

The practice of history sniffing is not just limited to hackers. During the 2010s, many internet marketing companies offered "analytics tools" that did much the same thing.

The joint UC San Diego-Stanford research team demonstrated the newest ways to conduct history sniffing attacks. Their JavaScript codes trick a web browser into changing its behavior whenever the latter program visits a website.

The techniques took advantage of the customization features that let a user change the appearance of the browser. The biggest vulnerability was the new CSS Paint API feature of Google Chrome that caused so much trouble in 2017.

The researchers warned that every brand new browser and added feature made the act of browsing the Internet much more unsafe.

Experts say browsers need to protect browsing history much better

The proposed solution is harsh but supposedly necessary. Browsers should strictly regulate how they use the browsing histories of their users when they are bringing up web pages from various locations.

For example, most browsers use blue as the font color of a link that leads to a website. If a user clicks on this link, the browser will change the font color to purple.

This feature reminds the user that he has already visited that website. It also tells a history sniffing hacker that his victim goes to that website.

The researchers demonstrated how a browser can prevent this from happening. In their model, opening a link in a website will not change the color of the links found in a different site. They also added an option that lets a user exempt a specific website from such strict security measures.

The UC San Diego-Stanford researchers are improving their model in the hope that browser companies will take note of their suggestions. They are also trying to find the right balance between ensuring the security of the user and actually getting use out of the Internet.

Read Computing.news for more stories about modern computing.

Sources include:

ScienceDaily.com

Spinda.net [PDF]



Take Action:
Support Natural News by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NaturalNews.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.
App Store
Android App
eTrust Pro Certified

This site is part of the Natural News Network © 2022 All Rights Reserved. Privacy | Terms All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing International, LTD. is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. Truth Publishing assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published here. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
Natural News uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.