My morning bird-cage liner had this headline: "Web browser flaw reveals online history". The article went on to explain that Firefox and IE allow applications to run from sites when you visit that exploit the weakness and read history and pass it to an app that can then select targeted ads for display. It mentioned Interclick as the application and Newsmax.com and Morningstar.com as sites that had used it. The article stated that Safari and Chrome are not affected, i.e., do not have the 'flaw' that allows history to be accessed.
Any guesses as to how long before IE and Fx come out with new versions?
My recent post complaining of LSOs might have been off the mark. I'm beginning to think that maybe it was history tracking that caused me to see so many ads related to recent web surfing. At any rate, I now have Firefox deleting history when it closes and I'm only allowing cookies to be saved by CCleaner from about 6 or 8 sites.
Does anyone know if Firefox carries over settings from previous options when an update is installed? I have been under the impression that it preserved your preferences, but somehow the history deletion process slipped by me undetected. I made it a practice to set history to be deleted many years ago and thought that Firefox was taking care of it. Guess I'll have to be more careful when installing future updates.
Websites Gain Access to Browser History and Exploit It.
-
- UraniumLounger
- Posts: 9312
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Websites Gain Access to Browser History and Exploit It.
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 78788
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Websites Gain Access to Browser History and Exploit It.
The exploit uses JavaScript. The free NoScript add-on for Firefox blocks JavaScript unless you explicitly allow it, so it provides protection against history hijacking by arbitrary sites. But of course, if a site seems reputable (such as Morningstar) and you enable JavaScript, you'll still be vulnerable.
Best wishes,
Hans
Hans
-
- 3StarLounger
- Posts: 361
- Joined: 24 Jan 2010, 14:24
- Location: Buckinghamshire, England
Re: Websites Gain Access to Browser History and Exploit It.
Mozilla fixed this in the development builds of Firefox back in April. The Firefox 4 beta builds include this fix, the latest version is available from http://www.mozilla.com/firefox/beta/" onclick="window.open(this.href);return false;
Tony
-
- 3StarLounger
- Posts: 361
- Joined: 24 Jan 2010, 14:24
- Location: Buckinghamshire, England
Re: Websites Gain Access to Browser History and Exploit It.
If you want to see this at work, go to http://www.mikeonads.com/2008/07/13/usi ... te-gender/" onclick="window.open(this.href);return false;
If using a browser that is susceptible to this, it will use your browsing history to have a guess at your gender.
If using a browser that is susceptible to this, it will use your browsing history to have a guess at your gender.
Tony
-
- Administrator
- Posts: 78788
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Websites Gain Access to Browser History and Exploit It.
Hmm... what to think of this (using IE8 or Firefox 3.6.12, if I temporarily allow scripts):
Yeah, right...Likelihood of you being FEMALE is 50%
Likelihood of you being MALE is 50%
Best wishes,
Hans
Hans
-
- 3StarLounger
- Posts: 361
- Joined: 24 Jan 2010, 14:24
- Location: Buckinghamshire, England
Re: Websites Gain Access to Browser History and Exploit It.
For me when using Firefox 3.6.13 it said 81% chance of being male, 50/50 when using Firefox 4 development builds as it could not read the history.HansV wrote:Hmm... what to think of this (using IE8 or Firefox 3.6.12, if I temporarily allow scripts):
Yeah, right...Likelihood of you being FEMALE is 50%
Likelihood of you being MALE is 50%
Tony
-
- 3StarLounger
- Posts: 397
- Joined: 24 Jan 2010, 19:43
- Location: Salt Lake City, Utah, USA
Re: Websites Gain Access to Browser History and Exploit It.
I'm only 91% male. I'm going to have to stop the Bride from using my laptop to visit Pottery Barn and Sephora. (Though I realize I have visited Sephora to buy gifts for the Bride and daughters.)
Goshute
I float in liquid gardens
I float in liquid gardens
-
- PlatinumLounger
- Posts: 3757
- Joined: 24 Jan 2010, 11:00
- Location: Lexington, KY, USA
Re: Websites Gain Access to Browser History and Exploit It.
Well I feel worse than you fellas! Guess I'm gonna have to work on this, huh?
Likelihood of you being FEMALE is 71%
Likelihood of you being MALE is 29%
Likelihood of you being FEMALE is 71%
Likelihood of you being MALE is 29%
-
- Administrator
- Posts: 78788
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Websites Gain Access to Browser History and Exploit It.
Must be because of your Christmas userpic, Al!
Best wishes,
Hans
Hans
-
- cheese lizard
- Posts: 6241
- Joined: 16 Jan 2010, 00:14
- Location: Sydney Australia
Re: Websites Gain Access to Browser History and Exploit It.
on a system with FF 3.6.12 and nil history. One visit to cnn.com and voila:Likelihood of you being FEMALE is 50%
Likelihood of you being MALE is 50%
Likelihood of you being FEMALE is 43%
Likelihood of you being MALE is 57%
Cheers, Claude.
-
- Administrator
- Posts: 78788
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Websites Gain Access to Browser History and Exploit It.
Don't let your wife visit cnn.com then, at least not too often...
Best wishes,
Hans
Hans
-
- GoldLounger
- Posts: 2599
- Joined: 24 Jan 2010, 15:26
- Location: Olympia, WA
Re: Websites Gain Access to Browser History and Exploit It.
Must be the Family research that bring up the female rating.
I noticed that The Lounge" is not listed and I visit it as much if not more of techguys. I do NOT visit Comcast site itself much, but yesterday I was there twice.
Likelihood of you being FEMALE is 61%
Likelihood of you being MALE is 39%
Site Male-Female Ratio
comcast.net 0.89
ancestry.com 0.63
state.co.us 0.87
techguy.org 1.56
findagrave.com 0.85
I noticed that The Lounge" is not listed and I visit it as much if not more of techguys. I do NOT visit Comcast site itself much, but yesterday I was there twice.
Likelihood of you being FEMALE is 61%
Likelihood of you being MALE is 39%
Site Male-Female Ratio
comcast.net 0.89
ancestry.com 0.63
state.co.us 0.87
techguy.org 1.56
findagrave.com 0.85
I am so far behind, I think I am First
Genealogy....confusing the dead and annoying the living
Genealogy....confusing the dead and annoying the living