leaky browser syndrome

For discussions about security.
Post Reply
Message
Author
cretsiah
Posts: 108
Joined: Sat 24 May 2008, 15:28

leaky browser syndrome

#1 Post by cretsiah »

I got unnerved yesterday when i found out how much information was leaking from my browser.

It pumps out what site i was on, what sites i have visited, browser type and its version number. ip address (although for this it only seems to get the isp number rather than my direct personal comps ip as i understand it)

3 places i did browser tests was:

- Shields Up
- PC Flank
- Project IP

the last one Project IP was the scariest, it seemed to be able to tell OS and how updated as well..

Opera, FireFox, Chrome all failed, except when i told them to block all cookies.

problem:
sites i regularly visit seem to prefer me to have a weakness in my system in order to obtain access to their site.
some will let you get away with restricting 3rd party cookies but others seem to want you to allow all cookies...

im a regular @ facebook it wants an "all cookie" allowance.

my current solutions:

1. to completely stop using any site that says i must allow cookies for use of their service.

2. start my surfing day by going into these security leak induced sites, with the session ending after logout, deleting all downloaded cookies ( where possible given that some cookies now like to remain hidden from view) and then re-enabling the "block all cookies" feature before continuing to surf other sites (more annoying the cumbersome)

3. is there a better way?

ps. according to PC Flank and Shields Up my only vunerability to security at this stage was my browser..
Top
User avatar
droope
Posts: 801
Joined: Fri 01 Aug 2008, 00:17
Location: Uruguay, Mercedes

#2 Post by droope »

Hi. Sometimes it really gets scary, to know how much people know about one. And besides, it is true that there is no need to provide that info.

But, on the other hand, there isn't much that they can do with any of it.

The restriction of cookies may sound like a good idea, but cookies are a great thing, they are like little snippets of info stored in your browser so that the server remembers who you are, among other things. Believe me, they are scarier to the web developer than to the web user.

Luckily, you can fake the info the web recieves about you, with firefox!

And User Agent Switcher:
https://addons.mozilla.org/en-US/firefox/addon/59

Cheers!
Droope.
What seems hard is actually easy, while what looks like impossible is in fact hard.

“Hard things take time to do. Impossible things take a little longer.â€￾ –Percy Cerutty

[url=http://droope.wordpress.com/]Mi blog[/url] (Spanish)
Top
Post Reply

Return to “Security”