[Nottingham] Websites know where you have been...
Martin
martin at ml1.co.uk
Sat May 1 13:13:45 UTC 2010
Folks,
Yet another way that your web browsing life is recorded and divulged...
This is a rather interesting exploit blocked for Firefox (that is still
a vulnerability in all other browsers?) for the Beta2 release of
Mandriva 2010.1:
Firefox doesn't change the colour of visited links
This option is disabled, in Mandriva, by default in Firefox-3.6 due to a
privacy invading vulnerability where a web page can easily obtain info
about users' browsing habits using a simple css or a javascript, using
the "colour" status of ":visited" links. Note that this option wasn't
available in Firefox versions older than 3.5.
Links: https://bugzilla.mozilla.org/show_bug.cgi?id=147777
http://support.mozilla.com/tiki-view_forum_thread.php?locale=hu&comments_parentId=438422&forumId=1
http://davidwalsh.name/jquery-spyjax
If you don't care about this vulnerability, you can revert this change
by typing about:config in Firefox address bar then pressing Enter,
search for layout.css.visited_links_enabled and double click it to
change it to true.
http://wiki.mandriva.com/en/2010.1_Errata#Firefox_doesn.27t_change_the_colour_of_visited_links
Of concern? Worrying? Or are we all doomed in any case for however we
use the web? Or just simply no worries?
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list