Client Testimonial
"Dual Layer IT Solutions are very professional and knowledgeable when it comes to those inevitable computer problems whether it be software or hardware" read more »
HK Operations Director
MW Packaging
Client Login
 Quick Contact
Browser Bug Exploited By Porn Sites
Category : General 04 Dec 2010 07:24 AM | Industry News
Computer science researchers at UC San Diego carried out the study that found 485 sites exploiting the bug.
The most popular site that uses the technique is adult site YouPorn. Many other porn sites use it too as well as sports, news, movies and finance websites.
The researchers also looked at other popular techniques that sites use to map and monitor what visitors do. Some, such as YouTube, run scripts that track the trail a user's mouse pointer takes on and across pages.
Although the researchers found 485 sites are exploiting the history-sniffing flaw, 46 of those sites are actively downloading your browser history. The researchers also found that another 17 sites for a total of 63 are transferring your browsing history to their network, but couldn't confirm the sites were using the information collected. The majority of sites, according to the UC San Diego researchers, are only inspecting the style properties and nothing more.
History sniffing has been known for years as a possible way to discover what sites a browser has visited, but this is the first time that anyone has shown it actually happening on the open Internet.
The trick does not work on every browser, notably Google Chrome and Apple Safari. Also more recent releases of Mozilla Firefox have been protected but the only way to prevent sniffing if using Microsoft Internet Explorer (IE) is to arrive at the site in Private Browsing mode, though the latest beta of IE was not tested.
This particular bug was not the focus of the research, the team were also investigating three other privacy violating techniques: cookie stealing, location hijacking and behaviour tracking. Overall the research found many of the top-visited sites recorded by Alexa Internet indulged in some kind of privacy violation.