Your browser is obsolete!

The page may not load correctly.

Spies are everywhere

Шпиономания

Other issues in this category (27)
  • add to favourites
    Add to Bookmarks

Automatic Tracking

Read: 24052 Comments: 2 Rating: 10

Thursday, August 17, 2017

We all enjoy having words from the most popular search queries appear in the search bar as we're typing. It helps us enter text faster. It’s very convenient. But few people realise that those auto suggestions appear because the search engine involved already possesses certain information about them. So it appears that any text we enter can be intercepted and sent to anyone.

This task is facilitated by scripts that run on the user’s end. In most cases a loaded page in a browser is essentially a running program: the images, video, audio, and text we see are generated using code that makes webpages interactive. You can't see the code, but it’s there, and you have no idea what it’s doing.

Companies offering all kinds of services make us fill out forms on their sites. In those forms we specify our email addresses and other personal information. Of course, we can change our minds and refrain from submitting our data, but as it turns out, the information can wind up in the hands of a third party even if one closes a page without pressing "Submit".

Some Gizmodo journalists discovered that hundreds of websites use JavaScript code produced by NaviStone, a company that offers website visitor deanonymization services. The code surreptitiously collects all the data users specify in web forms (including home address), even before the data is submitted. The information gathered using the JavaScript code gets sent to a NaviStone server.

When asked how NaviStone unmasks anonymous users, the company's spokesperson replied that the company uses proprietary technology that is not yet patented.

http://www.securitylab.ru/news/486828.php

On the pages of the Anti-virus Times, we often tell our readers about banking Trojans that modify user-entered information and about phishers who change how webpages look. All of this can be achieved automatically using transparent JavaScript code. And that code can be malicious.

#surveillance #JavaScript

The Anti-virus Times recommends

Dr.Web Anti-virus can analyse scripts, including those run in browsers, but far from all scripts are fraudulent or malicious. Although sometimes the line is very thin.

  • Never divulge anything more about yourself or others than you absolutely have to because, as a rule, you don't know who will be using the information. Scripts can transmit it to anybody.
  • Disable JavaScript in your browser. Many sites remain operational without it.
  • And, of course, use an anti-virus which will ensure the scripts that are run on your computer aren't malicious.

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments