Browsing on the web just became a little more scary. A group of researchers found a way to deploy an attack that can “de-anonymize” the users behind the browser (research paper available in PDF format). Focusing on the users of social networking sites (LinkedIn.com, Facebook, Xing.com, etc.), these security researchers show how to de-anonymize a user taking a “browser fingerprint“ – a JavaScript queries the color of various links to find out whether the user has visited those sites in the past – information that is used to essentially “triangulate” the user. Taking Xing.com as an example and proof-of-concept, this business networking site allows its users to join a variety of groups. Since many of these groups have open lists of their members, it is possible to build a service that will correlate user data with these publicly available lists of social networking groups, thus pinpointing the users based on their browsing history. Having this kind of relevant personal information, it then becomes easy to build effective spear phishing attacks.
At Xing.com, the site that was used to test this theory, it is impressive how quickly the technical team implemented the appropriate safeguards to protect their users from this type of attacks (it took 3 days from learning about the potential threat for Hotfix deployment).
Now that the whole world knows how to launch this type of attack it may be wise to adjust the privacy settings of your browsers so that your browsing history is either not recorded or is erased fairly often. Alternatively, use this plug-in for Firefox – Stanford SafeHistory.