Posts: 14932
Threads: 684
Joined: August 25, 2008
Reputation:
143
RE: Answers in Genesis website hijacks web history!
December 4, 2010 at 4:23 pm
You asked me why that information is supposed to be private. I told you that by assuming a worst-case scenario, which involved criminal activity. Yes, we have to presuppose the intent of a phisher, because the mere existence of such a person is grounds for protecting the privacy of where you go online.
Finding out which places people visit is actually rather hard, since everything usually goes through a localised router, which adds a degree of anonymity. If I were inside the network, I could sniff packets and determine where you went, but that involves me being close to you (geographically), and that limits the number of people I can attack (and reduces the likelihood of an attack occurring). If I am outside the network, finding out where you go is almost impossible, but the fact is it should be impossible (or very very hard) so that any attack has a very low success rate. The code that determines where you have been on the web is easily installed, making it very easy for someone to find out where you have been.
Look at it this way. Why do we have seat belts in cars? The vast majority of us don't have a need for them, since the vast majority of drivers don't get into accidents. However, we have them there because of the worst-case scenario, and in that case, they save lives. Sure, we could open up our browsing history and let anyone know where we have gone on the web, because most of the time it is of no interest to anyone. However, the worst-case scenario involves a breach of privacy, which leads to a loss of money and / or personal details. For this reason, we must secure our web history.
Posts: 1965
Threads: 83
Joined: June 15, 2010
Reputation:
37
RE: Answers in Genesis website hijacks web history!
December 6, 2010 at 10:58 pm
Go here to see if you are vulnerable.
If you are using Firefox, follow the instructions below to plug the privacy hole.
Type " about:config" with no quotes in your address bar.
Set layout.css.visited_links_enabled to false
"How is it that a lame man does not annoy us while a lame mind does? Because a lame man recognizes that we are walking straight, while a lame mind says that it is we who are limping." - Pascal
Posts: 4535
Threads: 175
Joined: August 10, 2009
Reputation:
43
RE: Answers in Genesis website hijacks web history!
December 6, 2010 at 11:08 pm
(This post was last modified: December 6, 2010 at 11:12 pm by theVOID.)
False analogy Tack, in your hypothetical the only things that are public are the things you chose to take out into the world with you.
This scenario is more like someone being invited into your house to remove your TV set and taking your receipts folder with them.
.
Posts: 1965
Threads: 83
Joined: June 15, 2010
Reputation:
37
RE: Answers in Genesis website hijacks web history!
December 6, 2010 at 11:22 pm
(December 4, 2010 at 3:05 pm)tackattack Wrote: Why is it that the information in the history of your browser supposed to be private? Wouldn't that be the same as someone following you around for a few days finding out what store you shopped at.
Stalking is illegal in my state.
"How is it that a lame man does not annoy us while a lame mind does? Because a lame man recognizes that we are walking straight, while a lame mind says that it is we who are limping." - Pascal
Posts: 69247
Threads: 3759
Joined: August 2, 2009
Reputation:
259
RE: Answers in Genesis website hijacks web history!
December 6, 2010 at 11:27 pm
(December 6, 2010 at 10:58 pm)Jaysyn Wrote: Go here to see if you are vulnerable.
If you are using Firefox, follow the instructions below to plug the privacy hole.
Type "about:config" with no quotes in your address bar.
Set layout.css.visited_links_enabled to false
Once one gets to the appropriate line how does one make the change.
And remember.... I'm old so don't get too complicated!
Posts: 1965
Threads: 83
Joined: June 15, 2010
Reputation:
37
RE: Answers in Genesis website hijacks web history!
December 6, 2010 at 11:44 pm
(December 6, 2010 at 11:27 pm)Minimalist Wrote: (December 6, 2010 at 10:58 pm)Jaysyn Wrote: Go here to see if you are vulnerable.
If you are using Firefox, follow the instructions below to plug the privacy hole.
Type "about:config" with no quotes in your address bar.
Set layout.css.visited_links_enabled to false
Once one gets to the appropriate line how does one make the change.
And remember.... I'm old so don't get too complicated!
Type layout.css.visited_links_enabled into the filter textbox, then double-click on the resulting entry below.
"How is it that a lame man does not annoy us while a lame mind does? Because a lame man recognizes that we are walking straight, while a lame mind says that it is we who are limping." - Pascal
Posts: 69247
Threads: 3759
Joined: August 2, 2009
Reputation:
259
RE: Answers in Genesis website hijacks web history!
December 7, 2010 at 1:01 am
That was simple.
Posts: 1965
Threads: 83
Joined: June 15, 2010
Reputation:
37
RE: Answers in Genesis website hijacks web history!
December 7, 2010 at 9:41 am
(This post was last modified: December 7, 2010 at 10:00 am by Jaysyn.)
(December 7, 2010 at 1:01 am)Minimalist Wrote: That was simple.
You can try that website again & see that they can no longer sniff your browser history. I don't know why that isn't enabled by default on Firefox, but it is in the Firefox 4 Beta.
"How is it that a lame man does not annoy us while a lame mind does? Because a lame man recognizes that we are walking straight, while a lame mind says that it is we who are limping." - Pascal
Posts: 4446
Threads: 87
Joined: December 2, 2009
Reputation:
47
RE: Answers in Genesis website hijacks web history!
December 11, 2010 at 9:32 am
I agree that planning for the worstcase is viable and it might be a false analogy. If I had to draw a line in the sand though saying that this is malicious, I'd put it between pulling browser history and traping transmitted data. I was just making the overall point that the majority of people shouldn't have much to hide, so it's really based off of intent not legality. Was AIG, or the banks or other sites on the list intending an attack, I don't think so. Using them as fuel to propigate justifiabe fear of safe sufing is skewing the social view of them to put them in line with malicious hackers. That only benefits political agendas and not the reality of protecting yourself from threats.
"There ought to be a term that would designate those who actually follow the teachings of Jesus, since the word 'Christian' has been largely divorced from those teachings, and so polluted by fundamentalists that it has come to connote their polar opposite: intolerance, vindictive hatred, and bigotry." -- Philip Stater, Huffington Post
always working on cleaning my windows- me regarding Johari
Posts: 1965
Threads: 83
Joined: June 15, 2010
Reputation:
37
RE: Answers in Genesis website hijacks web history!
December 12, 2010 at 10:47 pm
(December 11, 2010 at 9:32 am)tackattack Wrote: I agree that planning for the worstcase is viable and it might be a false analogy. If I had to draw a line in the sand though saying that this is malicious, I'd put it between pulling browser history and traping transmitted data. I was just making the overall point that the majority of people shouldn't have much to hide, so it's really based off of intent not legality. Was AIG, or the banks or other sites on the list intending an attack, I don't think so. Using them as fuel to propigate justifiabe fear of safe sufing is skewing the social view of them to put them in line with malicious hackers. That only benefits political agendas and not the reality of protecting yourself from threats.
As someone who knows just a little bit about computer security, I'd have to say that is a very naive point of view.
"How is it that a lame man does not annoy us while a lame mind does? Because a lame man recognizes that we are walking straight, while a lame mind says that it is we who are limping." - Pascal
|
