Nowadays, many websites provide a broad range of features, with capabilities being added every day. But new research shows that numerous browser functionalities are rarely used or even needed by websites; however, they pose significant privacy and security risks to users.
A team of researchers at the University of Illinois, Chicago (UIC), has shown that many unnecessary browser functionalities pose substantial security and privacy risks for users. “For example, browsers allow websites to perform low-level graphics calculations,” said Peter Snyder, a graduate student of computer science at UIC. “We found that this functionality is rarely used on honest websites, but that malicious sites can use it to harm users’ privacy and security.” Snyder adds that allowing websites to access this feature is a “bad cost-benefit tradeoff.”
Besides low-level graphic calculations, other examples of low-benefit, high-risk features include code that allows browsers detect light levels in a room, perform fine-grained timing operations and advanced audio synthesis operations.
The team used Firefox as their test browser, but they explain that the findings should generalize to other browsers, including Chrome and Internet Explorer.
If you want to improve your privacy and security levels, researchers advise blocking website access to unnecessary, risky browser functionality. To help users with this task, the team developed a browser extension that allows selective blocking of these features.
Source:
University of Illinois at Chicago via ScienceDaily (https://www.sciencedaily.com/releases/2017/10/171023181510.htm)
Chanwoo's Weekly Tech 