U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
Excellent paper by @arturjanc et al. on the risks of on-device tracker classification.
Specifically, they discuss how Safari's ITP can be abused to leak browsing history, leak search history, and perform denial of service attacks: https://arxiv.org/ftp/arxiv/papers/2001/2001.07421.pdf … [thread]
Attackers can use side-channels to determine whether resources are classified by ITP. A clever one is to send a referrer header over the size limit of most webservers and check whether the request was successful (ITP trims referrer headers for trackers). There are many others.pic.twitter.com/SVw9H4HEk5
An attacker can use these side channels to determine whether specific hostnames are classified by ITP, thus implying that the user visits sites that embed those hosts. These hostnames can reveal incredibly sensitive information (e.g., phncdn[.]com, which is Pornhub's CDN).
Does this mean that only "prevalent" domains are vulnerable? No. The authors find that ITP consistently classifies domains as prevalent after they load on 3 sites. An attacker can load the non-prevalent domain across multiple sites and check its classification...
...if the attacker finds that the subresource in question is classified as a tracker prior to loading it on three attack websites, then they know the user has visited a site that embeds the subresource This is true even for subresources embedded on a single website.pic.twitter.com/HpcL0VMnSo
As a practical example. Let's say the user visits dating.example, which embeds dating-cdn.example. An attacker can load dating-cdn.example on two attack sites. If they detect classification after the second visit, they learn that the user has visited dating.example.
More troubling: the classification status of a resource may depend on a user's actions *within* a site. E.g., health.example may only load medical-condition.example if I have a certain medical condition. A similar attack is possible on search query landing pages.pic.twitter.com/CGAVHT5AO8
An attacker can use this same approach to place a victim domain on the ITP list, potentially leading to denial of service. e.g., get a competitor's authentication origin classified by ITP, so its cookies are stripped and future login attempts fail.
Finally, the attacker can use a bunch of dummy origins to encode a cross-site identifier within the ITP list (similar to HSTS supercookies). ITP doesn't classify origins loaded in documents open for less than 5 seconds, so attackers can read the encoded ID without destroying it.
In summary: the introducing of cross-site state based on browsing history is dangerous. The paper mentions that a number of these issues have been addressed by Safari, but that there are fundamental limitations.pic.twitter.com/w9y76IPNWI
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
