Researchers from the New Jersey Institute of Technology have written a paper, which they will present at the Usenix Security Symposium in Boston, demonstrating how threat actors (or governments or law enforcement) could de-anonymise a users from their browsing habits. The attackers would analyse browsing activity and state to determine whether any public identifiers such as a social media name or email address could be detected. This would be derived from being logged into these accounts on other browser tabs or windows.
The attack has been tested against an array of the most popular services, including YouTube and Facebook, and on popular browsers. This includes Tor, which is designed to preserve the user’s anonymity!
Cache-based Targeted Deanonymization Attacks (leakuidatorplusteam.github.io)
Clive Catton MSc (Cyber Security) – by-line and other articles
Please Note:
I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.
