Communications of the ACM
Bloated Browser Functionality Presents nnecessary Security, Privacy Risks
Researchers at the University of Illinois at Chicago have identified browser functionalities that post security or privacy risks.
Credit: github.com/alrra/browser-logos
Researchers at the University of Illinois at Chicago (UIC) have identified browser functionalities that are rarely used or needed by Websites, but which pose security and privacy risks.
The researchers theorized that blocking Website access to unnecessary browser functionality would help reduce these risks.
They examined the costs and benefits associated with sites having access to 74 different types of functionality, collectively known as a Web application programming interface. The team then measured how frequently each of these features was used on Websites, and how likely each was to risk security or privacy.
UIC's Peter Snyder says features with a low benefit to users, but a high security risk, were flagged as those that could be blocked to improve security. The researchers then developed a browser extension that enables users to selectively block browser functionality to improve online safety.
They will present their findings next week at the ACM Conference on Computer and Communications Security (CCS 2017) in Dallas, TX.
From UIC News Center
View Full Article
Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA
No entries found