Welcome to WebmasterWorld Guest from 54.159.51.118

Forum Moderators: open

JavaScript Side Channel Attack Makes Browser Tabs Trackable

     
11:03 am on Nov 29, 2018 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:25722
votes: 821


Researchers have discovered a JavaScript side-channel attack technique which would enable malicious code on an open tab to spy on other open tabs. Apparently, this even works on TOR browser, resulting in a worryingly easy way of website fingerprinting. It'll also spy from one browser to another.

In other words, it is possible to determine which website someone's looking at by the way their browser accesses the processor's CPU cache while fetching and rendering on-screen the web pages. Malicious JavaScript in one tab can monitor cache accesses to identify patterns and fingerprint the sites visited by other tabs.


[theregister.co.uk...]

Of course, turning off JavaScript will mitigate the issue, but it'll also limit the usability of sites visited.

HT to henry0