yester64
February 3rd, 2010, 01:13 AM
and History Hi-Jacking...
http://yro.slashdot.org/story/10/02/02/0118213/De-Anonymizing-Social-Network-Users?from=rss
"The H has an article about some researchers who found a new way to de-anonymize people (http://www.h-online.com/security/news/item/Indiscrete-web-browsers-assist-de-anonymisation-919669.html). Compared to the EFF's Panopticlick (http://yro.slashdot.org/story/10/01/27/1638216/Tracking-Browsers-Without-Cookies-Or-IP-Addresses), the goal of this experiment is not to identify a user's browser uniquely, but to identify individual users. The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details (http://www.iseclab.org/papers/sonda-TR.pdf) and the results look very interesting. They also have a live demo (http://www.iseclab.org/people/gilbert/experiment/) for the social network Xing that was able to de-anonymize me."
This was today's breaking story in regards of how secure you actually surf in the web or web 2.0.
There is the problem with history hi-jacking in which people, criminals can also see what sites you were visiting or using.
This has nothing to do with operating systems and as such should be considered by anyone as a hazard.
There is also a german magazin site which also had some links to this topic.
http://www.spiegel.de/netzwelt/web/0,1518,675395,00.html
Here are the 'i got you' sites which can show exploids in regards of history hi-jacking.
http://didyouwatchporn.com/
http://whattheinternetknowsaboutyou.com/ (this one did not work for me)
And here the official Symposium website
http://oakland31.cs.virginia.edu/
http://yro.slashdot.org/story/10/02/02/0118213/De-Anonymizing-Social-Network-Users?from=rss
"The H has an article about some researchers who found a new way to de-anonymize people (http://www.h-online.com/security/news/item/Indiscrete-web-browsers-assist-de-anonymisation-919669.html). Compared to the EFF's Panopticlick (http://yro.slashdot.org/story/10/01/27/1638216/Tracking-Browsers-Without-Cookies-Or-IP-Addresses), the goal of this experiment is not to identify a user's browser uniquely, but to identify individual users. The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details (http://www.iseclab.org/papers/sonda-TR.pdf) and the results look very interesting. They also have a live demo (http://www.iseclab.org/people/gilbert/experiment/) for the social network Xing that was able to de-anonymize me."
This was today's breaking story in regards of how secure you actually surf in the web or web 2.0.
There is the problem with history hi-jacking in which people, criminals can also see what sites you were visiting or using.
This has nothing to do with operating systems and as such should be considered by anyone as a hazard.
There is also a german magazin site which also had some links to this topic.
http://www.spiegel.de/netzwelt/web/0,1518,675395,00.html
Here are the 'i got you' sites which can show exploids in regards of history hi-jacking.
http://didyouwatchporn.com/
http://whattheinternetknowsaboutyou.com/ (this one did not work for me)
And here the official Symposium website
http://oakland31.cs.virginia.edu/