Feeds

Fresh privacy fears over IE 8 Suggested Sites

Promiscuous URL sharing not a great idea, warns top Cambridge researcher

Security for virtualized datacentres

A top security researcher has called for Microsoft to rethink aspects of its Suggested Sites feature in IE8. The optional feature in the next version of Microsoft's browser allows users to "discover websites you might like based on sites you've visited", as Microsoft explains it.

When the feature is activated, the addresses of sites visited are sent to Microsoft, alongside informations such as IP address, browser type, regional and language settings, in an encrypted form. Microsoft draft IE8 privacy policy explains that "information associated with the web address, such as search terms or data you entered in forms might be included".

Microsoft was able to allay concerns that data from secure sites might be sampled or that the feature might be used to serve up targeted advertising in response to our earlier queries on the technology, prompted in response to posts by privacy activists on the No Deep Packet Inspection campaign website. However, concerns about the privacy implications of the technology remain.

Cambridge University security researcher Richard Clayton, who carried out an analysis of Phorm for the Foundation for Information Policy Research (FIPR), said full URL sharing via Suggested Sites poses a privacy and security risk. In particular he warns Microsoft should avoid sharing data submitted by surfers with other users of the service.

Microsoft should be clearer about explaining the risks as well as the benefits of the service, he adds.

In order for Microsoft to suggest other websites that you might like to look at, they need to know where you've been visiting lately. If you're embarrassed about saying where that is, then you leave the new feature turned off and no harm is done.

However, if you turn it on, then it appears that you hand over the entire URL of where you've visited. On some sites that's essential: if you've been on blogger.com, then knowing which of the eight million blogs you visited will matter. However, on other sites, that full URL may hold clues to your identity, give permissions to others to access the site, or compromise your privacy or security in some other manner.

The risk that someone at Microsoft decides to use that URL for wickedness are rather small - but what if they hand off the URL to someone else with similar tastes, for them to try visiting the places that you go to. Suddenly all that "security through obscurity", the pious hope that no one could possibly guess that URL, goes up in smoke.

Microsoft could do better, by minimising the data transfer, and only obtaining longer URLs for the sites, like blogger.com, where it actually matters. In the meantime, they should spell out the risks up front, along with the benefits... or did they genuinely think that there weren't any risks?

Clayton's response, which came in response to a request by El Reg for his opinion on the privacy implications of the technology, moves on the debate about whether Suggested Sites allows users a richer surfing experience or creates more problems than it solves.

Microsoft told us that when InPrivate (aka pron surfing) mode is applied within IE8, then Suggested Sites is temporarily turned off. "Data about secure HTTPS sites visited, intranet sites or local files on the PC" is excluded at all times, it added.

Microsoft went on to say that IE8 does "not send back any elements of data in the body of a rendered page" a statement that sits oddly alongside an explanation in the draft privacy policy) from IE 8 that "information associated with the web address, such as search terms or data you entered in forms might be included" in data submitted when Suggested Sites is turned on. We're still waiting for a clarification from Microsoft on this point. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Admins! Never mind POODLE, there're NEW OpenSSL bugs to splat
Four new patches for open-source crypto libraries
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.