Sign In

Communications of the ACM

ACM TechNews

Bloated Browser Functionality Presents ­nnecessary Security, Privacy Risks


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Browser logos.

Researchers at the University of Illinois at Chicago have identified browser functionalities that post security or privacy risks.

Credit: github.com/alrra/browser-logos

Researchers at the University of Illinois at Chicago (UIC) have identified browser functionalities that are rarely used or needed by Websites, but which pose security and privacy risks.

The researchers theorized that blocking Website access to unnecessary browser functionality would help reduce these risks.

They examined the costs and benefits associated with sites having access to 74 different types of functionality, collectively known as a Web application programming interface. The team then measured how frequently each of these features was used on Websites, and how likely each was to risk security or privacy.

UIC's Peter Snyder says features with a low benefit to users, but a high security risk, were flagged as those that could be blocked to improve security. The researchers then developed a browser extension that enables users to selectively block browser functionality to improve online safety.

They will present their findings next week at the ACM Conference on Computer and Communications Security (CCS 2017) in Dallas, TX.

From UIC News Center
View Full Article

 

Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA


 

No entries found