[tor-talk] New HTTP authorization attack

tor at lists.grepular.com tor at lists.grepular.com
Mon Aug 22 19:49:37 UTC 2011


On 22/08/11 20:08, stringer at hushmail.me wrote:

> "The JonDoFox research team has uncovered a new attack on web 
> browsers: Affected are the web browsers Firefox, Chrome and Safari. 
> By a hidden call of a URL with HTTP authentication data, third
> party sites could track a user over several web sites, even if the 
> user blocks all cookies and other tracking procedures. For doing 
> this, it is sufficient to include a simple CSS file:
> <link rel="stylesheet" type="text/css"
> href="http://Session:638431048@ipcheck.info/auth.css.php">

FWIW, there are many ways to track a browser cross-site and across
restarts, even if you have javascript and cookies and flash cookies
disabled. I recently blogged about a bunch of them which abuse the
browser cache here:

https://grepular.com/Preventing_Web_Tracking_via_the_Browser_Cache

-- 
Mike Cardwell https://grepular.com/  https://twitter.com/mickeyc
Professional  http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu   0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
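
As an added example (not part of the original message or of the JonDoFox announcement): a small Python check that an auditor could run over fetched HTML to flag automatically loaded subresources whose URL embeds HTTP authentication data, the pattern quoted above. The class and function names, the attribute list and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes that make a browser fetch a resource without user interaction
# (simplified, assumed list; <link> is treated as fetched whatever its rel).
FETCH_ATTRS = {"href", "src", "data", "poster"}
# Tags whose URL is only followed when the user clicks are skipped.
PASSIVE_TAGS = {"a", "area"}


class UserinfoFinder(HTMLParser):
    """Collects auto-loaded subresource URLs that carry userinfo (user:pass@)."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in PASSIVE_TAGS:
            return
        for name, value in attrs:
            if name not in FETCH_ATTRS or not value:
                continue
            parts = urlsplit(urljoin(self.page_url, value.strip()))
            if parts.scheme not in ("http", "https") or parts.username is None:
                continue
            self.findings.append({
                "tag": tag,
                "host": parts.hostname,
                "userinfo": parts.netloc.rpartition("@")[0],
                # Naive comparison: exact host match only, no registrable-domain logic.
                "third_party": parts.hostname != self.page_host,
            })


def find_credentialed_subresources(html, page_url):
    finder = UserinfoFinder(page_url)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page; the first <link> uses the URL quoted in the message.
SAMPLE = """
<link rel="stylesheet" type="text/css"
      href="http://Session:638431048@ipcheck.info/auth.css.php">
<link rel="stylesheet" href="/site.css">
<img src="http://cdn.example.net/logo.png">
<a href="http://user:pw@example.org/">manual link</a>
"""
```

Calling `find_credentialed_subresources(SAMPLE, "http://example.org/")` reports only the stylesheet link; the clickable `<a>` is ignored because it is not fetched on page load.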
