Attackers Leveraging JavaScript & CSS to Steal User Browsing History
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Web browsing history, a feature designed to enhance user convenience by styling visited links differently, has inadvertently become a privacy vulnerability exploited by attackers.
While this functionality helps users navigate websites by visually distinguishing visited links, it also opens the door for malicious actors to infer sensitive browsing habits using advanced techniques.
The security researcher, Lukasz Olejnik claims that the CSS : visited pseudo-class, which browsers utilize to design links differently after users have visited them. What appears to be a useful navigational aid actually creates a side channel that attackers can exploit.
Malicious actors have developed numerous techniques to detect these style differences. One common method uses JavaScript to examine computed styles:
Advanced Attack Techniques
Beyond basic style detection, attackers have developed increasingly sophisticated methods.
“Timing attacks measure rendering differences between visited and unvisited links, while pixel color attacks can detect even subtle visual variations,”explainsDr. Ana Chen, a cybersecurity researcher at the Digital Privacy Institute.
Process-level exploits like SpectreJS can even breach browser defenses by leveraging renderer vulnerabilities to access internal visited link data directly.
Research has demonstrated that browsing histories are remarkably unique—studies show 97-99% of users have distinct browsing patterns that function almost like fingerprints.
This data reveals sensitive information about health concerns, financial interests, and political affiliations.
The New Solution: Partitioning
After years of insufficient mitigations, browser vendors are implementing a more comprehensive solution: partitioning visited link history.
Chrome version 132 has already implemented this feature (behind the flag #partition-visited-link-database-with-self-links).
The new system stores visited links using a triple-key approach:
This partitioning ensures that a link is only styled as:visited if it was visited from the same top-level site and frame origin, effectively preventing cross-site history leaks.
For users concerned about their privacy today, security experts recommend using private browsing modes and regularly clearing browsing history until these protections become standard across all browsers.
#CSS #Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Attackers Leveraging JavaScript & CSS to Steal User Browsing History
Author: KaaviyaWeb browsing history, a feature designed to enhance user convenience by styling visited links differently, has inadvertently become a privacy vulnerability exploited by attackers.
While this functionality helps users navigate websites by visually distinguishing visited links, it also opens the door for malicious actors to infer sensitive browsing habits using advanced techniques.
The security researcher, Lukasz Olejnik claims that the CSS : visited pseudo-class, which browsers utilize to design links differently after users have visited them. What appears to be a useful navigational aid actually creates a side channel that attackers can exploit.
Malicious actors have developed numerous techniques to detect these style differences. One common method uses JavaScript to examine computed styles:
Advanced Attack Techniques
Beyond basic style detection, attackers have developed increasingly sophisticated methods.
“Timing attacks measure rendering differences between visited and unvisited links, while pixel color attacks can detect even subtle visual variations,”explainsDr. Ana Chen, a cybersecurity researcher at the Digital Privacy Institute.
Process-level exploits like SpectreJS can even breach browser defenses by leveraging renderer vulnerabilities to access internal visited link data directly.
Research has demonstrated that browsing histories are remarkably unique—studies show 97-99% of users have distinct browsing patterns that function almost like fingerprints.
This data reveals sensitive information about health concerns, financial interests, and political affiliations.
The New Solution: Partitioning
After years of insufficient mitigations, browser vendors are implementing a more comprehensive solution: partitioning visited link history.
Chrome version 132 has already implemented this feature (behind the flag #partition-visited-link-database-with-self-links).
The new system stores visited links using a triple-key approach:
- Link URL (destination).
- Top-level site (domain of main browsing context).
- Frame origin (origin of the frame rendering the link).
This partitioning ensures that a link is only styled as:visited if it was visited from the same top-level site and frame origin, effectively preventing cross-site history leaks.
For users concerned about their privacy today, security experts recommend using private browsing modes and regularly clearing browsing history until these protections become standard across all browsers.
#CSS #Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
