You Have Been There

The first step in an attack is to gather information. You’re probably browsing with Firefox, have all the usual plugins installed (AdBlock Plus, NoScript), you’ve disabled cookies and you think you’re safe.

Security doesn’t work like that. Let me give you an example. You may already know that servers save little bits of information on your computer to recognize you when you return. Cookies.

But there is another way to know where you’ve been. Can you guess it? No? Look at the links. Still nothing? The color? It changes after visiting a site?

So the solution is to use a piece of JavaScript (and almost every site on the ‘net needs JS these days) and examine the color of your links. Gotcha.

Next time, disable your browser history, too. And the cache. And the proxy. And JavaScript. Better yet, don’t start it anymore.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 339 other followers