Information technology scientists at Germany's Ruhr-Universität Bochum (RUB) and Niederrhein University of Applied Sciences detected 14 new types of Web browser-targeting cross-site leaks (XS-Leaks).
XS-Leaks circumvent the same-origin policy designed to prevent the theft of information from a trusted Website, allowing hackers to identify site details that are linked to personal data.
The researchers identified three defining XS-Leak characteristics and formalized a model for understanding the attacks, which also helps to detect new ones.
They developed the XSinator.com site to automatically scan browsers for XS-leaks, and tested 56 browser-operating system combinations against 34 known XS-Leaks.
RUB's Lukas Knittel said popular browsers such as Chrome and Firefox were susceptible to a large number of XS-Leaks.
From Ruhr-Universität Bochum (Germany)
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found