Stanford CS 155 - Browser Security

Browser Security
John Mitchell

Browser and Network
[Figure: browser running on OS and hardware, exchanging request and reply with a web site over the network]
* Browser sends requests
  • May reveal private information (in forms, cookies)
* Browser receives information, code
  • May corrupt state by running unsafe code
* Susceptible to network attacks
  • Consider network security later in the course

Microsoft Issues New IE Browser Security Patch
By Richard Karpinski, Tuesday, February 12, 2002
• Microsoft has released a security patch that closes some major holes in its Internet Explorer browser
• The so-called "cumulative patch" fixes six different IE problems ...
• Affected browsers include Internet Explorer 5.01, 5.5 and 6.0.
• Microsoft rated the potential security breaches as "critical."
Latest patch addresses:
• A buffer overrun associated with an HTML directive ... Hackers could use this breach to run malicious code on a user's system.
• A scripting vulnerability that would let an attacker read files on a user's systems.
• A vulnerability related to the display of file names ... Hackers could … misrepresent the name of a file ... and trick a user into downloading an unsafe file.
• A vulnerability that would allow a Web page to improperly invoke an application installed on a user's system to open a file on a Web site.
• … more …

Browser Security Check
http://www.verisign.com/advisor/check.html
What kind of security are they checking?

Browser security topics
* Cookies
  • Cookie mechanism, JunkBuster, P3P
* Privacy
  • Anonymizer
* Mobile code
  • JavaScript
  • ActiveX
  • Plug-ins
  • Java
    – Interesting security model

Basic Browser Session
www.e_buy.com
  → View Catalog → www.e_buy.com/shopping.cfm?pID=269
  → Select Item → www.e_buy.com/shopping.cfm?pID=269&item1=102030405
  → Check out → www.e_buy.com/checkout.cfm?pID=269&item1=102030405
Accumulate session information in URL
Store info across sessions?

Cookies
* A cookie is a file created by an Internet site to store information on your computer
[Figure: browser enters form data, server stores a cookie; on a later visit the server requests the cookie and the browser returns the data]
HTTP is a stateless protocol; cookies add state

Cookie Management
* Cookie Ownership
  • Once a cookie is saved on your computer, only the Web site that created the cookie can read it.
* Variations
  • Temporary cookies
    – Stored until you quit your browser
  • Persistent cookies
    – Remain until deleted or expire
  • Third-party cookies
    – Originate on or are sent to another Web site

Third-Party Cookies
* Yahoo! Privacy Center
  • Yahoo! sends most of the advertisements you see
  • However, we also allow … third-party ad servers … to serve advertisements
  • Because your web browser must request these … from the ad network web site, these companies can send their own cookies to your cookie file ...
  • Opting Out of Third-Party Ad Servers
    – "If you want to prevent a third-party ad server from sending and reading cookies on your computer, currently you must visit each ad network's web site individually and opt out (if they offer this capability)."

Example: Mortgage Center
<html><title>Mortgage Center</title><body>…
http://www.loanweb.com/ad.asp?RLID=0b70at1ep0k9

Cookie issues
* Problems
  • Cookies maintain a record of your browsing habits
    – May include any information a web site knows about you
  • Sites can share this information (e.g., doubleclick)
  • Browser attacks could invade your "privacy"
08 Nov 2001: Users of Microsoft's browser and e-mail programs could be vulnerable to having their browser cookies stolen or modified due to a new security bug in Internet Explorer (IE), the company warned today.

Managing cookie policy via proxy
[Figure: browser – proxy (holding the cookie jar) – network]
* Proxy intercepts request and response
* May modify cookies before sending to browser
* Can do other checks: filter ads, block sites, etc.

Sample Proxy
* Cookie management by policy in cookiefile
  • Default: all cookies are silently crunched
  • Options
    – Allow cookies only to/from certain sites
    – Block cookies to browser (but allow to server)
    – Send vanilla wafers instead
* Block URLs matching any pattern in blockfile
  • Example: pattern /*.*/ad matches http://nomatterwhere.com/images/advert/g3487.gif
Easy to write your own HTTP proxy; you can try it at home

Preserving web privacy
* Your IP address may be visible to web sites
  • This may reveal your employer, ISP, etc.
  • Can link activities on different sites, at different times
* Some mechanisms exist to keep sites from learning information about you
  • Anonymizer
    – Single site that hides origin of web request
  • Crowds
    – Distributed solution

Browsing Anonymizers
* Web Anonymizer hides your IP address
* What does anonymizer.com know about you?
[Figure: browser → anonymizer → server, via www.anonymizer.com/cgi-bin/redirect.cgi?url=…]

Related approach to anonymity
* Hide source of messages by routing them randomly
* Routers don't know for sure if the apparent source of the message is the actual sender or simply another router
  • Only secure against local attackers!
* Existing systems: Freenet, Crowds, etc.

Crowds [Reiter, Rubin '98]
[Figure: sender C0 forwards through crowd members C1..C4 to the recipient; each member forwards with probability pf and delivers with probability 1-pf]
* Sender randomly chooses a path through the crowd
* Some routers are honest, some corrupt
* After receiving a message, honest router flips a coin
  • With probability Pf routes to the next member on the path
  • With probability 1 - Pf sends directly to the recipient

What Does Anonymity Mean?
* Beyond suspicion
  • The observed source of the message is no more likely to be the actual sender than anybody else
* Probable innocence
  • Probability < 50% that the observed source of the message is the actual sender
  • Guaranteed by Crowds if there are sufficiently few corrupt routers
* Possible innocence
  • Non-trivial probability that the observed source of the message is not the actual sender

Something you can try at home
* Find out what sites know about you
  • Anonymizer.com and other sites will tell you what they can find about your IP address
  • Many other sites offer this too …
[Screenshot: anonymizer.com "Try Private Surfing FREE! Make your online activities invisible and untrackable to online snoops. Just type a URL & click GO."]

Controlling information from web
* Data is harmless (?)
* Risks come from code received from web
  • Scripts in web pages
  • Plug-ins
  • Applets

JavaScript
* Language executed by browser
* Used in many attacks (to exploit other vulnerabilities)
  • Cookie attack from earlier slide (08 Nov 2001):
    With the assistance of some JavaScript code, an attacker could construct a Web page or HTML-based e-mail that could access any cookie in the browser's memory or those stored
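To make the "probable innocence" claim on the Crowds slides concrete, here is an added simulation (not part of the lecture) that routes messages through a crowd with forwarding probability p_f and measures how often the first corrupt router's predecessor is the real sender; the closed form in `exposure_probability` is my own derivation in the style of the Crowds paper's predecessor analysis, and the crowd sizes and corrupt counts are assumed sample parameters.

```python
import random


def crowds_path(n_members, p_f, rng):
    """Simulate one Crowds route. Member 0 is the sender; it first forwards
    to a uniformly random member (possibly itself). Each member then
    forwards again with probability p_f, or delivers to the recipient
    (represented by None) with probability 1 - p_f."""
    path = [0, rng.randrange(n_members)]
    while rng.random() < p_f:
        path.append(rng.randrange(n_members))
    path.append(None)
    return path


def estimate_sender_exposure(n_members, n_corrupt, p_f, trials, seed=7):
    """Among routes that pass through a corrupt member, the fraction in
    which the FIRST corrupt member's immediate predecessor is the sender.
    Assumed layout: the last n_corrupt indices are corrupt, member 0 is
    honest. What happens after the first corrupt member is irrelevant."""
    rng = random.Random(seed)
    corrupt = set(range(n_members - n_corrupt, n_members))
    with_corrupt = observed_sender = 0
    for _ in range(trials):
        path = crowds_path(n_members, p_f, rng)
        for i in range(1, len(path)):
            if path[i] in corrupt:
                with_corrupt += 1
                if path[i - 1] == 0:
                    observed_sender += 1
                break
    return observed_sender / with_corrupt if with_corrupt else 0.0


def exposure_probability(n_members, n_corrupt, p_f):
    """Closed form for the same quantity (derived here, not stated on the
    slides): 1 - p_f * (n - c - 1) / n."""
    return 1.0 - p_f * (n_members - n_corrupt - 1) / n_members


def probable_innocence(n_members, n_corrupt, p_f):
    """Probable innocence holds when the observed source is the real
    sender with probability at most 1/2."""
    return exposure_probability(n_members, n_corrupt, p_f) <= 0.5


if __name__ == "__main__":
    for n, c in ((20, 2), (4, 2)):   # assumed sample crowds
        est = estimate_sender_exposure(n, c, 0.75, 20000)
        print(f"n={n} c={c}: simulated={est:.3f} "
              f"closed-form={exposure_probability(n, c, 0.75):.3f} "
              f"probable innocence={probable_innocence(n, c, 0.75)}")
```

With p_f = 0.75, a crowd of 20 with 2 corrupt members keeps the sender below the 50% threshold, while a crowd of 4 with 2 corrupt members does not.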