Web bug allows porn sites to hijack history files of visitors

LONDON - A study has found that a web bug that allows sites to hijack the history files of visitors is being used by porn websites.

A survey of 50,000 of the web’s most visited websites by computer science researchers at UC San Diego found 485 sites exploiting the bug to get at browser histories.

They also found 63 were copying the data it reveals and 46 were found to be “hijacking” a user’s history, with adult site YouPorn being the most popular site to use the technique.

Many other porn sites use it too as well as sports, news, movies and finance websites.

The bug works by giving sites access to all the other sites that a user has visited, and many change the colour of the text to reflect that earlier visit.

Any displayed in a different colour are judged to be those a user has already seen.

The researchers also looked at other popular techniques that sites use to map and monitor what visitors do. Some, such as YouTube, run scripts that track the trail a user’s mouse pointer takes on and across pages.

“Our study shows that popular Web 2.0 applications like mashups, aggregators, and sophisticated ad targeting are rife with different kinds of privacy-violating flows,” the BBC quoted the researchers as writing.

The researchers pointed out that some modern browsers, such as Chrome and Safari, are not vulnerable to history hijacking and that the most recent version of Mozilla has closed the loophole.

Users of Internet Explorer can defeat the bug by turning on “private browsing”.

Despite these safeguards, the researchers said there was a “pressing need to devise flexible, precise and efficient defences” against the history hijacking technique. (ANI)