Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Google Security News

Mining Browsing History With Google Cookie Data 40

Posted by Soulskill from the is-it-the-90s-again dept.
mikejuk writes "Recent research reveals details on how Google's SID cookie can be used to discover what websites a user has visited. In principle, the cookie is a low security risk because it doesn't allow acess to any data without authentication — thus it is sometimes transmitted in the clear and easy to intercept. With a little help from Google Search History and the 'Visited Pages' filter, researchers were able to list up to 80% of the pages visited by volunteer victims. Throw into the mix the 'social' filter and you can discover a lot more."
This discussion has been archived. No new comments can be posted.

Mining Browsing History With Google Cookie Data More

Mining Browsing History With Google Cookie Data

Comments Filter:

  • Re:Google (Score:3, Insightful)

    by MichaelKristopeit355 ( 1968164 ) on Friday September 02, 2011 @04:16PM (#37290744)

    Google shouldn't even try to do datamining...

    i'm sure the web will just index itself.

  • Re:Interesting (Score:4, Insightful)

    by Dahamma ( 304068 ) on Friday September 02, 2011 @04:31PM (#37290876)

    The SID is just Google's "session ID", it doesn't contain browsing data itself. They were just hijacking the session id and using it in Google searches, then looking at the results to try to determine a user's search history based on what Google sent back.

    Stealing someone's session cookie and then using it to get information about the victim? This is *definitely* nothing new, and I'm sure there are tons of other sites vulnerable to the same attack...

Slashdot Top Deals

"Protozoa are small, and bacteria are small, but viruses are smaller than the both put together."

Close