Welcome to WebmasterWorld Guest from 54.144.124.152

Message Too Old, No Replies

Attackers to Exploit Search Personalization, Supply Chains

     

dstiles

10:13 pm on Nov 15, 2012 (gmt 0)

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member



Search personalization could be the next "virus attack". G and other SEs will need to do some serious research to avoid this, but will they until it is too late?

In fact, is it already happening? I've seen reports hereabouts from a few people that their SE results are not always what they expect and cannot explain why.

...'automated censorship' is increasingly commonplace online... report claims researchers have managed to enumerate and modify Internet users’ search history with cross-site request forgery attacks.

[threatpost.com...]

This isn't the only exploit scenario addressed in the posting.

[edited by: tedster at 4:40 am (utc) on Nov 16, 2012]
[edit reason] make link clickable [/edit]

aristotle

4:12 pm on Nov 17, 2012 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



When Google adds new "features" such as personalization, local search, videos, +1 authors, etc, spammers and hackers immediately start looking for ways to exploit them and all to often are successful.

engine

4:25 pm on Nov 17, 2012 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



This was one of the emerging threats in the Georgia Tech report. [webmasterworld.com...]

There's no question about it, there's big money to be gained by effectively hijacking users search.

gerrigale

4:53 pm on Nov 17, 2012 (gmt 0)



I was worried about google asking for way too much information. I think we are vulnerable if we fill in all the profile data they are asking for. This I believe will become a huge problem in the future.

dstiles

9:46 pm on Nov 17, 2012 (gmt 0)

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member



Not just G. Other SEs are now providing "personalized search" as well.

My response is to block cookies and javascript and, for preference, use a meta engine such as ixquick for all but extreme searches.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month