Internet privacy and security course
About translation
Previous Next

Chapter 78

Browser history through the eyes of an IT security professional

Clearing the history of the browser at first glance may seem like a simple topic, but this is not so, and we will have two articles devoted to it. This is the first of them, where I will talk about some issues that should be taken into account when working with browser history, in the second one we will analyze where and in what form browsers store data with the history of visited sites, how to disable it and how to clear it.

Can sites remotely get browser history?

  This question worries many users. If we are talking about retrieving browser history from your hard drive remotely, this requires a full-fledged hacking of the device or the presence of a critical vulnerability in the browser. Of course, it is possible, but it is far from being easy, and it is unlikely that, having gained access to the data on the drive, the malefactor will limit just to stealing the history of the browser.

Another thing is the attack of re-paint type (checking the change of color of the visited links) or checking the execution of the JavaScript file, these attacks are simple to implement, but do not allow you to get the victim's history, but only to find out if they have visited this or that site.

Due to its peculiarities, this method makes it difficult to check a large number of sites for visits, usually malefactors are interested in internet banking or websites related to cryptocurrency management used by the victim.

Unfortunately, just take it for granted that it is possible. For protection, you can use Tor or "thoroughly" configure the browser, but this will certainly affect the convenience.

Plugins

  Some plugins, such as ad blockers, send information about the sites you have visited to remote servers. This absolutely does not mean that they collect the history of your browser there, data may not be stored at all or linked to impersonal temporary identifiers, we do not know this, and therefore we accept the worst scenario.

Especially, I do not recommend plug-ins to check sites for presence in any databases, for example, databases of phishing sites. Although I do not exclude that many people are willing to give information about the site opened in the browser in exchange for an assessment of their security.

Website translators

It is convenient when Chrome transfers websites to you, however, you should understand that all information from the website, including the link, is sent to Google servers. In terms of security, I recommend that you give up this option, as well as in general get rid of Google Chrome.

Criminal prosecution for clearing browser history

In some countries, such as the United States, clearing the browser history by a criminal suspect may be interpreted as the intentional destruction of evidence. A bright example is the case of Khairullozhon Matanov, who was sentenced to 2.5 years in prison.

Khairullozhon was friends with the terrorists Tsarnaev brothers, who make the terrorist attack on the Boston marathon in April 2013. Of course, after he discovered that his friends had committed the attack, he immediately cleaned up his computer, deleting some of the files and history of the browser.

Khairullozhon Matanov was not accused of terrorism, the main thing in his criminal case was accusation of lying to a court, but one of the points of accusation was precisely the removal of data.

Local cleaning

Today, many browsers and operating systems offer synchronization of the history of visited sites across multiple devices. One of the most vivid examples is Apple, where you can not only synchronize the story, but also, for example, see from the iPhone, which page is open in the Safari browser on the Mac, or if you lose your device, restore the entire history of online activity.

In 2017, there was a study by Elcomsoft, showing that the history of the Safari browser synchronized with iCloud is not deleted even after being cleared on devices. For many Apple owners, it was like a bucket of cold water on their heads.

Unfortunately, transferring browser history to the cloud, you cannot be sure that you delete it, you cannot be sure that data stored in the cloud will not be transferred to third parties upon request.

With a comprehensive browser configuration within the course, we start by turning off any synchronization, otherwise the history clearing can have only a local meaning.

Previous
3819
Next