engine - 3:52 pm on Dec 2, 2010 (gmt 0)

Browser History File Hijack [bbc.co.uk]

A survey of 50,000 of the web's most visited websites by the team from UC San Diego found 485 sites using this method to get at browser histories, 63 were copying the data it reveals and 46 were found to be "hijacking" a user's history.

"Our study shows that popular Web 2.0 applications like mashups, aggregators, and sophisticated ad targeting are rife with different kinds of privacy-violating flows," wrote the researchers.

The researchers pointed out that some modern browsers, such as Chrome and Safari, are not vulnerable to history hijacking and that the most recent version of Mozilla has closed the loophole. Users of Internet Explorer can defeat the bug by turning on "private browsing".