Closed Bug 1801305 Opened 2 years ago Closed 2 years ago

Infer User Browsing History By Hiding Visited Links

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
Firefox 109
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1398414

People

(Reporter: levitnudi, Unassigned)

Details

Attachments

(1 file)

Donload index.html and open in your browser, enter challenge to get visited link
1.40 KB, text/html
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Firefox for Android

Steps to reproduce:

Hello!

An attacker can infer user browsing history by changing visited link color and underline to white, where page background color is also white to hide characters. With this, the visitors could be asked to enter a capture challenge to prove they are humans. Based on user input, the attacker is able to deduce if the user visited a link or not.

Actual results:

Visited links are invisible to the user, making it possible for an attacker to infer browsing history.

Expected results:

Both visited and unvisited links should be displayed in a standard way to the user to prevent this trick.

Suggested Fix:
Link styling should take into consideration the background color to prevent making of visited links invisible.

This is a well-known problem. The history fixes until now have prevented quick wholesale gathering of information, but can't prevent the slower probes and especially not if you can engage the user's perception.

See, for example,
Firefox bug 1398414
Chrome https://bugs.chromium.org/p/chromium/issues/detail?id=713521
Webkit https://bugs.webkit.org/show_bug.cgi?id=37443

Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Duplicate of bug: 1398414
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: