Site guesses your sex via age-old web flaw One of the problems that's plagued netizens since the inception of the world wide web that their browsers have a habit of leaking every site they've visited in the recent past. A quick stop at Blowupdolls.com, Mysecretbusinessproject.net or any other site is available to any webmaster with rudimentary coding skills. Now the …
I'm quite sure that guys are worried about their money as much as gals are (esp. gals who're more then happy to spend their guy's dosh ;) -- but online banking sites turn up at < 1.0 M/F ratio. As do Gmail, Amazon, and the works.
Guess I should start visiting more manly sites ...
Likelihood of you being FEMALE is 50%
Likelihood of you being MALE is 50%
Likelihood of me setting Firefox to keep history for 0 days, not remember what I enter in forms and search bar, delete all history when I close Firefox, have a blank homepage, have 0 bookmarks except for del.icio.us bookmarklets, having Adblock Plus, filterset.g and customizegoogle add-ons cranked up to max is 100%
Likelihood of a snooper finding out anything useful about me is... I dunno. But doing the above leaves me with a few less things to worry about.
There's a zen-like re-assurance when you have to log in to each site on your first visit since closing and opening up the browser. This whole 'remember me on this computer' and 'remember my password' stuff just dupes and encourages complacency in the average 'mum and dad' level user.
Check me out - living dangerously by not posting anon. :-)
Because you have just got me writing code to check this out.
Ever since I have been coding JavaScript I have never been able to get at the history urls in the history object, and most texts will claim you cannot.
Now there is a trick that involves going to a domain that matches, you could detect that.
So, what we are saying here is a site loads up a number of URLs from hotswedishnannieswithpompoms.com to allgoodchistainsunite.org (both available for anyone complaining you can't get a domain nowadays), then it checks them off, and prevents the page moving or perhaps uses multiple frames.
Unless I am missing something here, if you can read the history object in JavaScript then it is broken, it should be unreadable, therefore if it is readable then it will be fixed.
So ok, possible brute force the urls out, that could be stopped, I don't know anyone who really uses that feature anyhow. Though now I think about it, it has a use:- oh what was the last page on theregister.co.uk was I on history.go('www.theregister.co.uk'); that will move window focus to the last page on theregister you were on, even if run on a site 10 hops away. But, still it is not great.
Now, hmm could this be combined with a search engine, possible but probably not, you can be sent back to google, but then you have to get that url and you cannot unless you use a cross site scripting attack (which is a flaw which should be plugged).
Ok, I have gone to the site now, I had to take down the security, it was being blocked. He uses 10K of URLs and combines that with the history.go, possibly css computed values and a detector of some sort (exceptions, frames etc).
Hmm, not really that worrying, and sort of detectable he will have a huge chunk of data somewhere and you will see connections made back to each site.
I think you are hyping this one a bit, if you could read the history object now that would be covert, quick read and a X req call back to your server.
As to these other gaping holes, well there is only the reference one, and that is one deep and helps to determine who linked to you, it can be turned off as well.
Now, something like google urchin and phorm is a different matter, those do work.
But this, well it is obvious, and noisy - hackery but not crackery. It is like saying that safe is not secure because I can point a tank at it and blow the bloody doors off. Still, people should be aware of how it can be used and should watch out for it, but its general use is more benign, maybe a quick reordering of links depending if they have already gone there.
But it is misleading to say 'Mysecretbusinessproject.net' if they don't specify the URL then they won't know it.
A good habit to get into is to do your stuff in batches, and make sure the browser history is cleared.
I read the JS code for that. Awesome!
I had to use the "Send feedback..." link in my browser to report this. Privacy or not, it has to be fixed because it's a resource intensive dictionary attack. It's already bad enough that I have to keep building new rules to exclude abusive Flash ads. Now advertisers are going to scan their list of 100000 most interesting URLs on every page load.
perhaps browsers should be made to allow to impose an upper limit of how many times any given script can check the history against arbitrary URLs, or how many times per second. This limit could be made available in a browser's preferences. A reasonable default value might be 5 or 10. This script couldn't check 10.000 URLs then.
which is me rethinking.
It can go covert, I haven't run it yet, but if just the css computedValues are being used on a generated link, then there are a number of ways to keep the noise down on that.
So, I will retract the 'over hyping', and the 'hackery not crackery' statements :)
Just a reminder that I posted this *for fun*. The point was to demonstrate the vulnerability, not to provide a tool on how to do this. Quoting myself...
"Kind of cute right? Don’t worry — I am not storing your history in any way, this is purely for fun. [...] In case it isn’t obvious — please don’t do this for real."
Theres a little feature I highly recommend : every time you shut down firefox, it wipes your history, cache, passwords etc...
So in this example, it guessed 95% male based on my current browser tabs. God help me what it would have guessed if it knew what I was looking up last night...
Likelihood of you being FEMALE is 40%
Likelihood of you being MALE is 60%
Site Male-Female Ratio
google.com 0.98
telegraph.co.uk 1.5
Does this mean that El Reg isn't in the Quantcast top 10K or whatever? If they're only looking at US sites why is the ET in there?
Oh, and since I've stopped reading the ET since the format change I'll be 50-50 pretty soon.
If you look at the JavaScript source (http://www.mikeonads.com/gender/SocialHistory.js) you can see that rather than querying the browser history directly, it creates a link for every site in its dictionary, then checks whether the browser has given it the "never visited before" or "visited before" link colour in order to determine if you've been there in the past.
It's quite a clever idea, but it's still having to brute-force its way to your history, and with that many sites it's very obvious that something's happening from the way the browser hangs, so I can't imagine any other site using it with any more than a handful of URLs.
Hmmm , it seems safecache on FF2 has it confused too even in IE pretender mode too , but I did notice at one time CPU hit 100 % for a minute or two trying to run and that script and that evil pesky M$ error send an email popped up as well on the first attempt as the system literally froze and almost went BSOD too !
95% Male ... so it got my gender bang to rights. The wife might say that my feminine side shows more than that .. but then this is my work machine. Testosterone bursting from every pore in the competitive workplace ..
I am going to have to try this on my home machine to see if my gender bias varies by which machine I use. Will I be more androgenous using the Mac at home?
Likelihood of you being FEMALE is 57%
Likelihood of you being MALE is 43%
I thought that, this being my computer at work, it couldn't miss with sites like El Reg and a bunch of technical sites (no porn, though), but Gmail had me nailed. :D
Although, I must admit that a friend psychologist told me that, according to Bem's scale, I am mostly feminine.
"Mozilla, Microsoft and the rest of the gang have long refused to do anything about it because fixing the problem would make it hard for users to tell sites they've visited from those they haven't."
I appreciate I know nothing about the specifics of this, but exactly how hard is it to ensure a piece of data is usable by the person sat at the PC, but doesn't get sent out to the outside world ? If not trivial, then what sort of crap system has the industry developed?
I've never felt so manly.
I was surprised that the most male-tilted site on my list was a music site (Harmony Central) and that search engines and email are slightly girly.
And it's good to know that occasionally looking at allegedly-amusing pictures of cats over at icanhascheezburger.com makes me more of a man, not less. I'd always assumed it would be the other way round.
Like most problems of this nature, it is easily avoided - simply run everything in RAM (Bart PE/Golden Dragon or similar) or reimage fixed disk using ghost or zenworks or similar weekly/daily. Problem solved. If reimaging a fixed disk OS weekly/daily then also full format using Darik boot and nuke or similar multipass eraser/formatting tool. Use someone elses internet connection or a free wifi spot if you want to be all legit.
If that's too much effort for you, then you're probably not doing anything that interesting to anyone else, other than marketing chimps and that ilk, and who cares what they try to sell you!? Be my guest, spend all your time and money trying to sell me shit which I will never buy, regardless of my sex. Surely it's easier to tell someones sex by their name? Or by calling them and speaking to them? I mean, why would anyone invest such effort in such a long clunky way of determining something as inane as someones sex?!
Likelihood of you being FEMALE is 50%
Likelihood of you being MALE is 50%
This is only because FireFox remembers nothing about me or where I've been, like several other commenters.
I carefully set it up this way, therefore I'm 100% likely to be male, as ladies don't surf dodgy sites that require such an approach. Do they?
Paris, because her history is known to everybody.
... run two versions of Firefox, one for the day to day stuff which sits on your HDD as usual and the other one Portable Firefox which you run from a USB stick and which doesn't cache anything and wipes cookies and history when you quit so you can browse the more interesting stuff safely...
... Erm, allegedly!
It appears that just because I handle the finances in my family, that this algorithm has decided there's a 93% probability of me being female, rather than the real answer of male. I guess the fact that drudgereport.com and slashdot.org were in the list weren't enough to sway the decision the other way.
Likelihood of you being FEMALE is 29%
Likelihood of you being MALE is 71%
so 2/7ths of the time I'm female?
Although as I use FF and IE, I checked FF as well (much quicker) and I got 85% MALE, looks like IE makes you effeminate, actually my FF config avoids my work proxy filter, which really means that the sites I'm normally allowed to look at @ work are more girly.... interesting
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
