back to article 50 ways to leave your lover, but four to sniff browser history

"History sniffing" promises a nose full of dust or, you're talking about web browsers, a whiff of the websites you've visited. And that may be enough to compromise your privacy and expose data that allows miscreants to target you more effectively with tailored attacks. For example, a phishing gambit that attempts to simulate …

  1. Walter Bishop Silver badge
    Linux

    A whiff of the websites you've visited

    "History sniffing" promises .. a whiff of the websites you've visited .. Google Chrome, Mozilla Firefox, Microsoft Edge and Internet Explorer, and Brave are all affected to some extent

    Do these browser exploits work the same on non-Microsoft operating systems. I would explicidly mention them by name only I risk getting downvoted by the snowflakes.

    1. Long John Brass Silver badge

      Re: A whiff of the websites you've visited

      My guess would be yes. It appears to be a browser based attack and therefore unlikely to be OS specific.

  2. bombastic bob Silver badge
    Devil

    run NoScript

    problem solved

    1. ThatOne Bronze badge

      Re: run NoScript

      NoScript only works if the naughty script is served from a domain you don't care about. It might be trickier if the naughty script is hosted on a domain you actually need to whitelist because else the site you're visiting doesn't work (online stores come to mind).

      In this case you would need a means to only allow those scripts which are necessary, while blocking those which do unnecessary stuff, despite both coming from the same domain and potentially even being inside the same Javascript file. I guess it's possible, but I don't think it's easy to do reliably (don't know, I'm not a developer, just a pessimist).

      1. alain williams Silver badge

        Re: run NoScript

        NoScript only works if the naughty script is served from a domain you don't care about. It might be trickier if the naughty script is hosted on a domain you actually need to whitelist because else the site you're visiting doesn't work (online stores come to mind).

        If it is from the online store, or similar, then the domain owner is a big target that could be prosecuted under the computer misuse act. A few costly & high profile actions could stop a lot, but not all, of this.

      2. Fungus Bob Silver badge

        Re: run NoScript

        "NoScript only works if the naughty script is served from a domain you don't care about. "

        Then run no scripts....

        I know, the web don't work then...

      3. elregviewer

        Re: run NoScript

        You are right. NoScript will just leave you with broken sites. Vendor fixes is the real solution.

  3. Novex

    I combine NoScript with Privacy Badger, AdBlock Plus, clearing my Firefox browser history completely on exit, and using a password manager (KeePass with Kee add-on). This way there is far less chance that I'll be hit by a nasty. Not impossible, I realize, but the 'attack surface' is much smaller.

  4. Anonymous Coward
    Anonymous Coward

    sweetheart, whats this 'saucyferrets.com' site i found in your browsing history?

    1. Throatwarbler Mangrove Silver badge
      Coat

      Sorry, guv'nor, that's a 404, so you've got nothin' on me.

      Mine's the one that's suspiciously squirming, thanks.

  5. Version 1.0 Silver badge
    Unhappy

    Look around the disk drive

    I recently got's PO'ed with Firefox and logged into the Admin account on my work PC - I uninstalled Firefox and then started looking around at my other accounts on the PC. After removing Firefox I found over 1Gb of data stuffed into Mozilla and Firefox folders plus multiple registry entries all over the place. All left behind after uninstalling the bloody app!

    Browsing data is like old crisp packets, you find them floating around all over the place years after your little snack.

    1. ThatOne Bronze badge

      Re: Look around the disk drive

      > After removing Firefox I found over 1Gb of data

      AFAIK most programs do that when uninstalling: They remove the program's own files, but leave any user-created files the program might have created.

      In Firefox's case that would be installed add-ons, the history, cookie and bookmarks databases, the cache (probably the biggest part of the 1 GB you found) and whatever else your own use created. The point is that if you just uninstalled it to reinstall it (for refreshing, updating or fixing), you'll be back to your environment just as you left it. Even if you install another browser, he'll find the old Firefox data and offer to import your bookmarks.

      So not actually a bad or evil thing, IMHO. Imagine if uninstalling MS Word deleted all .doc files on your hard drive... :o)

      1. Anonymous Coward
        Anonymous Coward

        Re: Look around the disk drive

        <user-created files the program might have created>

        does not compute

    2. Ole Juul Silver badge

      Re: Look around the disk drive

      "After removing Firefox I found over 1Gb of data stuffed into Mozilla and Firefox folders . . .

      If you have Firefox folders you didn't remove Firefox. You probably just removed the executable.

  6. Anonymous Coward
    Anonymous Coward

    Bleachbit for the win!

    Whenever I run Bleachbit on a computer that's never been cleaned I usually recover several Gigabytes of hard drive space.

    I have a habit of clearing my browser cache sevearal times while browsing and run some simple commands that delete all temporary files and a final pass with Bleachbit's command line program.

    I only enable cookies when needed (such as this rant) and then purge all after posting, and many sites still function without having Javascript enabled (such as this one)

  7. Anonymous Coward
    Anonymous Coward

    Hmmm

    Something in the researchers paper that isn't mentioned in the Reg's article:

    "Weinberg et al. [57] demonstrated that these mitigations

    are not enough—that web attackers can still creatively

    leak history information. They used interactive tasks (e.g.,

    CAPTCHAs) to trick users into disclosing history information,

    inferred the color of links from screen reflections

    in webcam images, and used re-paint events"

    I have seen CAPTCHAs used on several deceptive and/or malicious sites.

    My initial thought was this was used as a sort of "gateway' to protect their sites from being accessed by researchers using automated web scrapers.

    I see that they may be using CAPTCHAs for other purposes as well.

  8. theunregistered

    firefox data left after uninstall

    To find all details of leftovers from uninstalls, firefox being one, i use search everything from void tools after uninstalls. I then choose which to delete. it is 100% effective at finding all leftovers. Another way is to go to users and app data folders after unhiding hidden files in msoft and do a manual search, iobit uninstaller also has a function to extra clean things that usually kills all leftovers

  9. veti Silver badge

    The big question here

    Why in the name of all that is noodly does any feature of CSS need a frickin' API?

    The server sends the data, the browser presents it to the user. CSS makes suggestions about how it should do that, but suggestions is all they are. If the browser is sending information back about how it chose to present it - frankly it's time to tear down the whole Web and start over.

    1. elregviewer

      Re: The big question here

      I'm under the impression that it would be JavaScript that would be programmed to track the state of CSS application to the page. There is nothing wrong with that, just that the CSS api and JavaScript (on the browser/client side) should not be able to blindly report this to the world.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019