Browser caches checkable by 3rd parties
Princeton researchers say they have found a security vulnerability in all standard browser design that could let Websites analyze the contents of a visitor's "cache" of recent activities. Called a timing attack, it works by asking the browser if it has visited a list of Web sites and determining the answer by measuring the time needed for the browser to respond.
The technique opens up other new ways to extract information from browsers, though some analysts doubt that the attack presents a serious threat. Designers could create "cache cookies" which are stored in browsers without user permission. A number of different Websites could then cooperate to gather information about user behavior by accessing those cache cookies. There is no defense against this type of theoretical attack but the researchers say that future browsers can be designed to minimize risks associated with cache attacks.
To learn more, read sciencedaily.com, newsBytes.com and zdnn.com.
- Open-source database doing business
- How dream P4 was downgraded
- Nobel winner says computing problems to be solved soon
- VIA KT133A chipset details
- White LEDs to replace light bulbs
- Kingston says RIMMs over-priced
- Top firewalls easily pierced
- IBM to spend $1B on Linux in 01
- TSMC Ships 0.13-Micron chips to VIA
