July 31, 2014
Hot Topics:
RSS RSS feed Download our iPhone app

Firefox Fixing Decade-old Browser History Leak

  • April 7, 2010
  • By Developer.com Staff

Firefox developers have a plan to fix a bug that has affected every browser for at least a decade.

The bug is a cascading style sheet history attack that makes it possible for nefarious web developers to compile lists of links you've clicked on.

According to The Register's Dan Goodin, "It exploits technology in virtually every browser that causes visited links to be displayed in purple rather than blue. Mozilla has classified the weakness as a bug since at least 2002."

Fixing the bug has been difficult because all attempts to do so would have broken the visited link functionality and millions of Web sites.

But Mozilla says they have a fix that works - sort of.

"A few websites may look a little different, but visited links will still show up differently colored," Mozilla Security Team Member Sid Stam wrote here. "A few sites that use more than color to differentiate visited links may look slightly broken at first while they adjust to these changes, but we think it's the right trade-off to be sure we protect our users' privacy."

Some security experts aren't convinced and think that Mozilla's fix is just another example of bug fixing whack a mole.


View Article



Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Sitemap | Contact Us

Rocket Fuel