Home / News

Study Reveals 76% of Internet Users Vulnerable to Browser History Detection

A recent study reveals a browser history detection method, largely dismissed as an issue with minimal impact, can in fact be used against a vast majority of Internet users with significant malicious potential. Researchers, Artur Janc and Lukasz Olejnik, analyzed real-world results obtained from 271,576 Internet users and have reported the results in a paper titled, "Feasibility and Real-World Implications of Web Browser History Detection".

Some key highlight from the report include:

  • Results indicated that at least 76% of Internet users are vulnerable to history detection.
  • All major browsers allow their users' history to be detected, but apparently users of the more modern browsers such as Safari and Chrome are more affected; the study detected visited sites for 82% of Safari users and 94% of Chrome users.
  • Visitors with JavaScript turned off are just as vulnerable to history detection as JS-enabled browsers. Histories for 77% of such users were detected; for some tests, users without JavaScript had more visited sites detected than others.

The results of this study will be presented at the upcoming Web 2.0 Security and Privacy 2010 workshop on May 20th.

Related Links:
Real-world Web browser history detection results (About | Full Paper)

Related topics: Malware, Privacy, Security, Web

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Did the DPRK Hack Sony?

Can Big Companies Stop Being Hacked?

One Year Later: Lessons Learned from the Target Breach

Wait and See Approach on Abuse

Privacy, Risk and Revenue

Related News

Topics

Industry Updates – Sponsored Posts

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

.nyc Goes Public to Brand the Big Apple

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

Mobile Web Traffic: A Dive Into the Data

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

Four Reasons to Move from .COM to Your .BRAND Domain

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

Dot Brand: Why Your Brand Needs Its Own Top-Level Domain

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Dyn Acquires Internet Intelligence Company, Renesys

Tips to Address New FFIEC DDoS Requirements

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Verisign

Security

Sponsored by
Verisign
Afilias

DNSSEC

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines