- How to stream NFL Sunday Ticket without DirecTV 5 Years Ago
- How to watch Arizona State vs. Utah Today 4:00 AM
- How to watch Michigan vs. Penn State Today 4:00 AM
- How to watch Florida vs. South Carolina Today 4:00 AM
- How to stream Manchester City vs. Crystal Palace Today 1:00 AM
- How to stream Tottenham Hotspur vs. Watford Friday 9:00 PM
- How to stream Barcelona vs. Eibar Friday 6:00 PM
- How to stream ‘Bigfoot’ Silva vs. Gabriel Gonzaga in BKFC Friday 6:00 PM
- Demi Lovato’s nude photos allegedly leaked on Snapchat Friday 3:07 PM
- NBA TV is the new streaming service for basketball fanatics Friday 3:02 PM
- California residents will get cell phone alerts seconds before earthquakes Friday 2:29 PM
- How to stream Real Madrid vs. RCD Mallorca Friday 2:00 PM
- Trump accused of ‘using the language of ethnic cleansing’ regarding Kurds Friday 1:42 PM
- Hillary Clinton also thinks Tulsi Gabbard is a Russian bot Friday 1:13 PM
- TikTok girls dancing to voicemails from sh*tty exes is a vibe Friday 12:34 PM
‘Geo-inference’ can reveal your location in all mainstream browsers
Time to start clearing your browser cache.
Many of the world’s most popular websites and browsers are leaking your location, right down to your country, city, neighborhood, and home address, according to new research from the National University of Singapore.
A “geo-inference attack” allows virtually anyone with a website—even if they don’t have your permission—to narrow down a person’s country, city, and neighborhood by measuring the timing of browser cache queries related to increasingly ubiquitous geo-location services like Google and Craigslist.
The leakage is widespread in the U.S., Australia, Japan, Singapore, and the U.K., affecting an average of 62 percent those countries’ respective Alexa top 100 websites, according to researcher Yaoqi Jia. It affects Chrome, Firefox, Internet Explorer, Opera, and Safari, he said.
This is a “new attack” with a “big impact,” Yaoqi told the Daily Dot. “It’s the first to utilize timing channels in browsers to infer a user’s geo-location.”
“No existing defenses are efficient to defeat such attacks,” Yaoqi asserted.
Even Tor, the anonymizing network dedicated to protecting the user’s anonymity and location, does not protect perfectly against this attack. However, “it deploys good protection features,” Yaoqi said, and is likely the best browser defense one has against geo-inference attacks.
The vulnerability stems from the fact that some of the world’s most popular websites are “location-oriented,” meaning they’re necessarily aware of visitors’ location information. Craigslist sites let users narrow their search by city or even neighborhood. Google directs users to a country-specific page—Google.com is just for the U.S., for example; Canadians get Google.ca. And then there are services like Google Maps, which caters to exact addresses and remembers specifically where almost all of its users live.
The problem comes when the location information known by sites like Google and Craigslist leaks and becomes available to third parties that have no permission to know where you live.
All browsers use memory cache in order to quickly load frequently used websites. Files you’ll see again and again are saved to your computer, saving the time it would take to repeatedly download them.
But that deeply entrenched practice isn’t necessarily secure. An attacker can measure exactly how long it takes to load these resources and, with that information, narrow down your location—potentially down to your exact address.
To do that, an attacker needs to set up a website containing scripts that probe caches in browsers. By measuring image load time, an attacker can see that the local cached image loads more than 100 times more quickly than any other. So with a few lines of code, your country is exposed.
To find your city, the attacker uses the same idea with websites like Craigslist. By measuring the load time of Craigslist’s 712 city-specific websites, it’s a quick bit of code and arithmetic to narrow down location even further.
Locating your neighborhood is as easy as taking these same kind of tricks and using them against Google Maps and other map services. An attacker will measure how fast a user loads specific cached map tiles and once again narrow down location to within a few blocks.
Browsing in incognito mode is only a half-fix. While resources aren’t cached after the incognito session is over, they are cached during the session, so a user remains vulnerable. And virtual private networks, which obscure a person’s IP address and location, still don’t affect browser caches.
Tor protects against the attack by leaving less cached resources and better sorting of what is cached that in some cases disallows attackers from checking cache from another domain. The browser is still susceptible in some less frequent ways, though. The latest testing by researchers showed Tor Browser version 22.214.171.124 is definitely susceptible, and judging from comments from Tor developers, it appears the problem is at least receiving significant attention if it hasn’t been fixed already.
Yaoqi has two suggestions for users looking to protect their information: “Never give additional permissions to unfamiliar sites or open it for a long time” and “clear [your] cache after visiting a site with your credentials, e.g. online banking sites.”
That’s a tough ask for the vast majority of Internet users who—let’s face it—almost never clear their cache.
Read the full research paper below:
Photo via heiwa4126 (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.