Friday, December 3, 2010

What is the state of certain kinds of security problems in the real web?


Another tidbit related to the history sniffing story from computer scientists at UC San Diego.

“The tool we ended up with is useful for answering questions that no one knew how to answer at all before: ‘what is the state of certain kinds of security problems in the real web?’” said computer science professor Hovav Shacham from the Department of Computer Science and Engineering (CSE) at the UC San Diego Jacobs School of Engineering. 

The UC San Diego computer scientists did this while working on the cutting edge of how to efficiently do information tracking in a JavaScript setting.

History Sniffing and Browser Tracking / What about Mobile Browsers?



While the original history sniffing research presented at CCS10  did not look at mobile browsers, the UC San Diego computer scientists say that is something they are looking into now. 

“In general, the mobile browsers and mobile sites seem to be way behind in security,” said computer science professor Hovav Shacham from the Department of Computer Science and Engineering (CSE) at the UC San Diego Jacobs School of Engineering. 

A few more details on the History Sniffing / Browser History / JavaScript story from UC San Diego


Another tidbit on the history sniffing story from the computer scientists here at UC San Diego:

The UC San Diego computer scientists added their new JavaScript information flow engine to the Chrome browser, but the approach could be implemented in other browsers. The history-sniffing detection tool currently adds an additional 60 to 70 percent to total page loading time over a fast network – fast enough to be a useful research tool but too slow for consumer use.

The Forbes story is below: 

History Sniffing: How YouPorn Checks What Other Porn Sites You’ve Visited and Ad Networks Test The Quality of Their Data