Browser Bug Shows ‘Sniffers’ Where You’ve Been

A browser bug has been highlighted that allows software to interrogate browser history lists showing where a user has been. It is being used by entertainment, sports, blogging and news sites to establish visitor profiles.

The bug has been exploited using JavaScript on sites that can ‘sniff’, or interrogate, the history list on visiting browsers. The script uses a list of sites of interest, and a match in the history changes an attribute, the colour tab for example, to show that a match has been found.

Privacy Violation Is Rife

The flaw has been investigated by a team of researchers from the University of California in San Diego. In a survey of 50,000 popular sites, the team found that 63 sites transferred the history to their networks but only 48 of them could be confirmed as history-sniffing hijacks.

The trick does not work on every browser; notably, it fails on Google Chrome and Apple Safari. More recent releases of Mozilla Firefox have also been protected, but the only way to prevent sniffing when using Microsoft Internet Explorer (IE) is to arrive at the site in Private Browsing mode, though the latest beta of IE was not tested.

This particular bug was not the focus of the research; the team was also investigating three other privacy-violating techniques: cookie stealing, location hijacking and behaviour tracking. Overall, the research found that many of the top-visited sites recorded by Alexa Internet indulged in some kind of privacy violation.

This led the researchers to conclude: “Our study shows that popular Web 2.0 applications like mashups, aggregators, and sophisticated ad targeting are rife with different kinds of privacy-violating flows.”

A look down the list of history-sniffing sites compiled by the team shows that YouPorn, ranked 61 in Alexa’s top 100 sites, was the highest-ranking offender.

Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative
