Google Chrome flaw puts privacy at risk

Imperva security researcher urges Google Chrome users to update to the latest version after discovering a vulnerability that could be exploited to uncover private data

A security vulnerability in Google Chrome and all browsers that run the Blink browser engine could enable malicious actors to uncover private data in Facebook and other platforms, a security researcher has warned.

“Attackers could establish the exact age or gender of a person, as it is saved on Facebook, regardless of their privacy settings,” said Ron Masas, a researcher at security firm Imperva.

According to Masas, a potential attacker could use a side-channel technique that abuses filtering functions in websites to deduce information such as the age, gender, likes and location history of a Facebook user. The attacker would do this, for example, by using audio and video HTML tags to generate requests to the target site and then monitoring the progress events generated by these requests.

This means that an attacker could “ask” a series of questions about the browser. “For example, a bad actor can create sizeable Facebook posts for each possible age, using the Audience Restriction option, making Facebook reflect the user age through the response size,” he wrote in a blog post.

A large response would indicate that the restriction did not apply, while a small one would indicate that the content was restricted, showing that the user is of a disallowed age or gender.

“With several scripts running at once – each testing a different and unique restriction – the bad actor can relatively quickly mine a good amount of private data about the user,” said Masas.

If the attacker were to run an attack script on a site that requires email registration, such as an e-commerce site, the bad actor could correlate the private data with the login email address for even more extensive and intrusive profiling, he added.

“When a user visits the bad-actor site, the site injects multiple hidden video or audio tags that request a number of Facebook posts the attacker previously published and restricted using different techniques,” said Masas. “The attacker can then analyse each request to indicate, for example, the user’s exact age, as it is saved on Facebook, regardless of their privacy settings.”

Imperva reported the vulnerability to Google, which responded by patching it in the Chrome 68 release.

“We strongly recommend that all Chrome users make sure they are running the latest version,” said Masas.
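One way to act on that advice, as an added example that is not from Imperva or the original article: triage User-Agent strings from web or proxy logs for Blink-based browsers still below the Chrome 68 release. It assumes the `Chrome/` token tracks the underlying Chromium release and that the header has not been spoofed; the sample strings and function names are constructed for illustration.

```python
import re
from collections import Counter

PATCHED_MAJOR = 68  # per the article: the fix shipped in Chrome 68

# Chromium-derived browsers (Chrome, Opera, ...) keep a "Chrome/<major>." token.
CHROME_TOKEN = re.compile(r"\bChrom(?:e|ium)/(\d+)\.")
# Legacy (EdgeHTML) Edge also carries a Chrome/ token but does not run Blink.
LEGACY_EDGE = re.compile(r"\bEdge/\d+")

def classify(user_agent: str) -> str:
    """Return 'unpatched', 'patched' or 'other' for one User-Agent string."""
    if LEGACY_EDGE.search(user_agent):
        return "other"
    match = CHROME_TOKEN.search(user_agent)
    if match is None:
        return "other"  # Firefox, Safari, Chrome on iOS (CriOS, WebKit-based)
    major = int(match.group(1))
    return "patched" if major >= PATCHED_MAJOR else "unpatched"

def triage(user_agents):
    """Count how many clients fall into each class."""
    return Counter(classify(ua) for ua in user_agents)

# Constructed sample User-Agent strings, not real traffic.
SAMPLE_UAS = [
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
    "(KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36",
    "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 "
    "(KHTML, like Gecko) Chrome/68.0.3440.75 Safari/537.36",
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
    "(KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.54",
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
    "(KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134",
    "Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0",
    "Mozilla/5.0 (iPhone; CPU iPhone OS 11_4 like Mac OS X) AppleWebKit/605.1.15 "
    "(KHTML, like Gecko) CriOS/67.0.3396.87 Mobile/15E148 Safari/604.1",
]

if __name__ == "__main__":
    for ua in SAMPLE_UAS:
        print(f"{classify(ua):10} {ua}")
    print(dict(triage(SAMPLE_UAS)))
```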
