RETURN $ecure;

Security, Technology and Life

Stolen history without Javascript and some news

with one comment

RSnake has writte up an excellent post on stealing a users browsing history without the use of Javascript. Apparently though, there was an obscure, though similar paper written before this. According to Mephisto in the comments, this detects history through multiple instances
of the browser. Probably because the browser gets updated and the site is 
using the visited: CSS if you visit it in once instance. Anyways, interesting stuff. Don’t forget to get the XSS book tomorrow!

Also, I’ve set up a new forum on one of my spare machines.
It’s not particularly secure right now as it’s using Debian packages. They tend to be a little out of date. But at least it’s stable. I’ll be making semi-regular backups, so it won’t be a huge issue if it’s hacked. Assuming your DNS updated by the time you read this, it should be at You’ll probably also notice the banner on the right. Yup. Easier sign-up for e-mails


Written by Rodney G

02/28/2007 at 9:49 pm

Posted in Uncategorized

Tagged with ,

One Response

Subscribe to comments with RSS.

  1. ohay thar.


    04/25/2007 at 11:50 am

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: