Home > Computing > New browser exploit tracks even the most paranoid…

New browser exploit tracks even the most paranoid web users

When it comes to tracking your web browsing, webmaster have all sorts of options – many of which web users actively block. But what if a malicious website owner could turn security features against you?

A researcher proved it’s possible to do just that over the weekend.

Most web users are aware that sites use can use cookies or browser fingerprinting to track you – it’s why so many users make a habit of deleting cookies, scrambling their user agents, and taking advantage of Incognito Mode.

Related: How to delete cookies in Chrome, Firefox, Safari and IE

But in a presentation over the weekend security researcher Yan Zhu showed the world a new tracking method that gets around even the most paranoid user, by exploiting the certificates your browser uses to connect to secure sites.

Don’t believe me? Try Zhu’s site Sniffly out for yourself in Chrome or Firefox, and you’ll probably end up with an accurate list of sites you have and haven’t visited.

To (dramatically) simplify what’s going on here, the exploit attempts to load various images from encrypted domains, then detects whether or not your browser can establish a secure connection with those sites. If it can connect, it’s because you have an  HSTS pin for the site – so there’s a good chance you’ve visited the site before.

It’s a simple way to get a quick list of which secure sites you have and haven’t visited. The information collected this way is less reliable, only relates to sites encrypted using HTTPS, and is less specific that other methods – the sites you’ve visited are revealed, not the individual pages. But it’s still noteworthy, because nothing like it’s been done before.

Related: How to stay anonymous online

You can watch Zhu’s entire presentation, read the slides or check out Sniffly on GitHub, if you want a more complete breakdown of how the exploit works.