Mozilla Flaw Springs Privacy Leak

Researchers have found a flaw in Mozilla-based browsers that springs data on
the Web surfing movements of users.

Head researcher at Neopoly Sven Neuhaus said the bug, first discovered
in May, is a serious privacy issue.

In a demonstration of
the flaw, Neuhaus says it exposes the URL of the page a user is viewing to
the Web server of the site visited last, allowing a Web site to track where
a viewer goes next regardless of whether the URL is entered manually or via
a bookmark.

“This bug is still present in the Mozilla 1.1 release… It’s been three
months,” Neuhaus said in a plea for a fix on Bugzilla, the site used to
track vulnerabilities in Mozilla releases.

It affects Mozilla browser versions 0.9x, 1.0, 1.0.1, 1.1 and 1.2 alpha;
Netscape 6.x and 7; Galeon 1.2.x and Chimera 0.5.

Mozilla users are urged to disable JavaScript as a temporary workaround
until a fix is issued. The flaw exists in the “onunload” handler which
loads an image from the referring server about a user’s surfing movements.

In addition to disabling JavaScript, users can avoid the bug by creating a
file “user.js” in the profile folder (the one with the pref.js file) and put
the following line in the file:
user_pref(“capability.policy.default.Window.onunload”, “noAccess”);
This stops the “onunload” handler from being activated.

Mozilla.org, the open source browser project backed by AOL Time Warner
, just released
the 1.1 upgrade to provide increased support for Linux and Mac platforms but
the privacy flaw remains in the upgrade, Neuhaus said.

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020