1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Ancient flaw that allowed hackers to view browsing history patche

    From TechnologyDaily@1337:1/100 to All on Tue Apr 8 16:30:07 2025
    Ancient flaw that allowed hackers to view browsing history patched by Chrome

    Date:
    Tue, 08 Apr 2025 15:29:00 +0000

    Description:
    Chrome is finally fixing the clicked links color issue that troubled browser makers for decades.

    FULL STORY ======================================================================A UX feature that helps users determine which links they visited in the past can
    be abused Over the years, there were multiple attempts to fix it Google
    claims the next version of Chrome finally addresses it

    Google is finally fixing a vulnerability in Chrome thats been present since its very inception, and that could be used to spy on peoples browsing habits.

    In a blog post published early April, Googles Kyra Seevers explained that
    when a person clicks on a link displayed in a web page, it turns from blue to purple. The idea behind this design was to improve the user experience and help people navigate the web easier. This change of state is handled by CSS.

    However, malicious actors found different ways to abuse this UX feature to
    spy on peoples browsing habits. For example, a malicious website could
    include thousands of links to popular websites, but style them in a way that the visitors dont actually see them. The site then uses JavaScript or CSS to check which of those links should appear purple, effectively learning which sites the victim already visited.

    Monitor your credit score with TransUnion starting at $29.95/month

    TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnions advanced risk assessment tools.

    Preferred partner ( What does this mean? ) View Deal Chrome 136 to the
    rescue

    Apparently, the problem is not limited to Chrome but instead is present on most browsers these days. In fact, the problem predates the Chrome browser , which was first introduced in 2008.

    These attacks can reveal which links a user has visited and leak details
    about their web browsing activity, Seevers explained. This security problem has plagued the web for over 20 years, and browsers have deployed various stop-gaps to mitigate these history detection attacks. While the attacks are slowed down by these mitigations, they are not eliminated.

    However, the next version of the browser, Chrome 136, is supposed to render these attacks obsolete. This is accomplished by partitioning :visited link history, Seevers further stated.

    We wont bore you with the technicalities of the solution, but if youre interested in reading them, make sure to check out Seevers blog here .

    Chrome 136 is scheduled for release in late April 2025.

    Via The Register You might also like Google Chrome security flaw could have let hackers spy on all your online habits We've rounded up the best password managers Take a look at our guide to the best authenticator app



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/ancient-flaw-that-allowed-hackers-to-vi ew-browsing-history-patched-by-chrome


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)