Tuesday, 27 July 2010

How hackers snoop on private web browsing

Experts have identified how their web browser's 'private mode' setting is also vulnerable to hackers.

Most web browsers offer a private mode, intended to leave no trace of surfing history on the computer.

But Collin Jackson at Carnegie Mellon University in Pittsburgh, Pennsylvania, and colleagues, have found ways to detect which sites were visited with the mode enabled.

Even if private browsing is enabled, details relating to the key remain stored on the computer's hard drive, allowing a hacker to establish that a particular site had been visited.

A hacker could "guess what sites you've been to based on traces left behind," New Scientist quoted Jackson as saying.

These attacks on privacy "do not require a great deal of technical sophistication and could easily be built into forensics tools," he added.

However, Rik Ferguson -- a UK-based security researcher at Trend Micro of Tokyo, Japan -- says that any attacker with the knowledge to exploit the weaknesses would probably look to other attacks first, which may yield more detailed information.

"If someone is capable of tracking your browsing habits in this way, then they are probably also tech-savvy enough to know about commercial spyware which could much more effectively track your computer use," says Ferguson.
Blogged with the Flock Browser