New Ways to Track Internet Browsing
Interesting research on web tracking: “Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies: Abstract: Nowadays, cookies are the most prominent mechanism to identify...
View ArticleFirefox Enables DNS over HTTPS
This is good news: Whenever you visit a website—even if it’s HTTPS enabled—the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS,...
View ArticleIdentifying People by Their Browsing Histories
Interesting paper: “Replication: Why We Still Can’t Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories”: We examine the threat to individuals’ privacy based on the...
View ArticleBrowser Tracking Using Favicons
Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the page name.) Abstract: The privacy...
View ArticleCheck What Information Your Browser Leaks
These two sites tell you what sorts of information you’re leaking from your browser.
View ArticleIs Microsoft Stealing People’s Bookmarks?
I received email from two people who told me that Microsoft Edge enabled synching without warning or consent, which means that Microsoft sucked up all of their bookmarks. Of course they can turn...
View ArticleNew Browser De-anonymization Technique
Researchers have a new way to de-anonymize browser users, by correlating their behavior on one account with their behavior on another: The findings, which NJIT researchers will present at the Usenix...
View ArticleFacebook Is Now Encrypting Links to Prevent URL Stripping
Some sites, including Facebook, add parameters to the web address for tracking purposes. These parameters have no functionality that is relevant to the user, but sites rely on them to track users...
View ArticleLeaking Passwords through the Spellchecker
Sometimes browser spellcheckers leak passwords: When using major web browsers like Chrome and Edge, your form data is transmitted to Google and Microsoft, respectively, should enhanced spellcheck...
View ArticleAn Untrustworthy TLS Certificate in Browsers
The major browsers natively trust a whole bunch of certificate authorities, and some of them are really sketchy: Google’s Chrome, Apple’s Safari, nonprofit Firefox and others allow the company,...
View ArticleClass-Action Lawsuit against Google’s Incognito Mode
The lawsuit has been settled: Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal...
View Article
