funsec mailing list archives
Re: Interesting: Stealing your browser history... without JavaScript!
From: Gary Warner <gar () askgar com>
Date: Sun, 14 Jun 2009 14:55:49 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul Ferguson wrote:
FYI: http://www.making-the-web.com/misc/sites-you-visit/nojs/ - ferg
First I saw this was actually by Markus Jakobsson in Indiana. See his paper from 2005, "Invasive Browser Sniffing and Countermeasures" -- https://www.indiana.edu/~phishing/browser-recon/ http://www.cs.indiana.edu/~sstamm/papers/invasivesniff05.pdf also used by Jakobsson and friends in an experiment about whether fake ads from your "friends" on social networks would be more likely to be followed (December 2005 - http://www.indiana.edu/~phishing/social-network-experiment/phishing-preprint.pdf ) - -- - -------------- Gary Warner Director of Research in Computer Forensics The University of Alabama at Birmingham gar () cis uab edu gar () askgar com 205.934.8620 205.422.2113 Blog = http://garwarner.blogspot.com/ Home = http://www.cis.uab.edu/forensics/ Microsoft Enterprise Security MVP 2007-2009 - -------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFKNVXFg79eYCOO6PsRAlInAJ9gQ7NanA0hdvhUjDOifBMTIaT2mgCfeZT1 0Y8HjZJHIrmkQCbEaBycXqk= =emS9 -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Interesting: Stealing your browser history... without JavaScript! Paul Ferguson (Jun 13)
- Re: Interesting: Stealing your browser history... without JavaScript! Martin Tomasek (Jun 13)
- Re: Interesting: Stealing your browser history... without JavaScript! Gary Warner (Jun 14)