CSS History Probing and Sniffer

This topic contains 2 replies, has 3 voices, and was last updated by  hayabusa 9 years, 1 month ago.

  • Author
    Posts
  • #5122
     morpheus063 
    Participant

    Something to prove that on the Web, your browser history is an open book

    “We present a web-based system capable of effectively detecting clients’ browsing histories and categorizing detected information. We analyze and discuss real-world results obtained from 271,576 Internet users. Our results indicate that at least 76% of Internet users are vulnerable to history detection; for a test of most popular Internet websites we were able to detect, on average, 62 visited locations. We also demonstrate the potential for detecting private data such as zip codes or search queries typed into online forms. Our results confirm the feasibility of conducting attacks on user privacy using CSS-based history detection and demonstrate that such attacks are realizable with minimal resources.”

    Click here to continue reading.

    Most browsers silently expose intimate viewing habits
    http://www.theregister.co.uk/2010/05/20/browser_history_attack/

    CSS History Probing, or: “I know where you went last week”
    http://blogs.msdn.com/ieinternals/archive/2009/06/17/CSSHistoryProbing.aspx

    CSS History Sniffer – ONLINE DEMO
    http://www.debugtheweb.com/test/cssvisited.htm

  • #32491
     yatz 
    Participant

    That’s very cool.  So much for “Private” browsing!

  • #32492
     hayabusa 
    Participant

    Those are pretty nice links!  Good info to use when presenting case studies / scenarios upstream, within a company.  I can imaging the looks on CEO / CTO’s faces, when they realize the world just might be able to see where they’ve been.  Corporate secrets and not-yet-discussed plans unfold before others’ eyes, etc…

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?