Privacy watch: Many browsers have unnecessary functions that could compromise your online security


Today’s technological landscape makes for a seemingly unlimited marketplace of various browser functionalities and features that compromise a user’s privacy and security, a recent study suggests. As part of the study, a team of researchers at the University of Illinois at Chicago has examined the potential cost and benefits of websites with complete access to up to 74 different types of web application programming interfaces or APIs.

The researchers used Firefox as the study’s test browser due, in part, to its popularity as an open-source browser. According to the experts, results obtained from the Firefox browser test should be taken as generalized findings because it has access to a nearly identical array of features and capabilities as other common browsers such as Internet Explorer and Chrome. The scientists then assessed the frequency in which the features were used. Furthermore, the researchers evaluated the potential of each feature as a security or privacy risk. According to the research team, features with low user benefits but high security risk were flagged.

The findings showed that about a quarter of all the APIs in Firefox placed a user’s security and privacy in jeopardy. However, the research team noted that these risks could be mitigated without breaking websites. According to the experts, blocking a risky feature simultaneously reduced the amount of codes that a website could access.

“Ultimately we saw that about 25 percent of web API posed high risks to security and privacy and could be blocked without breaking websites. For example, browsers allow websites to perform low-level graphics calculations. We found that this functionality is rarely used on honest websites, but that malicious sites can use it to harm users’ privacy and security. The less code you have available through the web API, the safer websites you’ll have,” researcher Peter Snyder told Science Daily online.

In line with this, the research team developed a browser extension that enabled users to selectively block browser features in order to boost safety and security. Likewise, the web browsing firm Brave has expressed plans of incorporating parts of the study into its open-source browser called Brave Browser. The company has been established by the inventor of JavaScript and the co-founder of Mozilla. (Related: Privacy under attack as internet “fingerprinting” tracks your every move.)

The findings were presented at the Association for Computing Machinery Conference on Computer and Communications Security in Dallas, Texas.

Secure your browser with these expert tips

Browser security has become an increasingly worrisome topic over the past few years due in part to the rapid increase in technology adoption. Separate entries posted on TheStar.com and the How To Geek website have listed a few smart tips to boost browser security. These tips include:

  • Regularly update the browsers and enable automatic updates.
  • Refrain from using password managers as the details can be encrypted and used.
  • Discourage Flash and Java Runtime from automatically running for all websites.
  • Install click-to-play plug-ins.
  • Uninstall unnecessary plug-ins.
  • Regularly update plug-ins.
  • Run an anti-exploit program.
  • Exercise caution when running browser extensions.
  • Install a 64-bit Web Browser.

Sources include:

ScienceDaily.com

TheStar.com

HowToGeek.com



Comments
comments powered by Disqus

RECENT NEWS & ARTICLES