What the internet knows about you
Das Thema Web Browser History Detection hatte ich glaube ich schon mal. Die Website whattheinternetknowsaboutyou.com hat, neben einer Menge Hintergrundinformationen auch zum Thema Schutz vor diesem Angriff, jetzt die Ergebnisse ihres Tests veröffentlicht:
How much information can be gathered?
- While our tests were quite limited, for our test of 5000 most popular websites, we detected an average of 63 visited locations (13 sites and 50 subpages on those sites); the medians were 8 and 17 respectively.
- Almost 10% of our visitors had over 30 visited sites and 120 subpages detected — heavy Internet users who don’t protect themselves are more affected than others.
- We also detected zipcodes our visitors had typed into online forms on sites such as Yahoo! Movies or weather.com for 9.8% of users.
How easy is it to detect browsing histories?
- The ability to detect visitors’ browsing history requires just a few lines of code. Armed with a list of websites to check for, a malicious webmaster can scan over 25 thousand links per second (1.5 million links per minute) in almost every recent browser.
- Most websites and pages you view in your browser can be detected as long as they are kept in your history. Almost every address that was in your browser’s address bar can be detected (this includes most pages, including those retrieved using https and some forms with potentialy private information such as your zipcode or search query). Pages won’t be detected when they expire from your history (usually after a month or two), or if you manually clear it.