Wilders Security Forums  

  #1  
Old September 13th, 2012, 11:50 AM
phkhgh phkhgh is offline
Regular Poster
 
Join Date: Aug 2007
Posts: 135
Default Why DO browsers (Fx) allow sites to "see" history_from visited links color

How / why is it possible for sites / "others" to figure out which sites / links were visited, when Fx is set to change color of visited links? IOW, why is this allowed?
Other than constantly clearing history, is there any way / addon, etc., to allow changing visited links color & NOT give sites access to links visited on OTHER sites?

For a long time, this "problem" was apparently not widely known, as advanced users frequently posted workarounds to force Fx to change visited links color (if they didn't change automatically); such as adding command to userContent.css. Mods read those posts & also apparently weren't aware of privacy side effects (nor was anyone else).

Why would developers allow ANY persistent Fx / other browsers settings that potentially enable sites to see all sites / links users visited (that are still in their history)?
What makes it so difficult for devs to prevent this from happening & why has it taken so long to address the issue?

For many users, if "change visited link color" is effectively disabled, it reduces browser function tremendously, like on sites w/ long lists of articles, etc. Quite a conundrum.
MANY sites / articles discuss this issue. One link from another poster- article by David Baron, Mozilla Corporation: https://hacks.mozilla.org/2010/03/priva ... /#comments
Quote:
It's been widely known for a while that CSS's ability to style visited links differently from unvisited ones, combined with other Web technology such as JavaScript or simply loading of background images, lets Web pages determine whether a URL is in the user's history very quickly [emphasis added] and without any interaction from the user. This is true in current versions of all major Web browsers. I have a solution that I believe fixes this problem, and therefore helps users keep their history private when they use a Web browser implementing that solution.

Another "reliable" site says: https://hacks.mozilla.org/2010/03/priva ... /#comments
Quote:
...someone can walk through your history and figure out where you’ve been. And quickly – some tests show the ability to test 210,000 URLs per minute.
  #2  
Old September 13th, 2012, 11:58 AM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

It's incredibly useful for websites to know how users are getting to them. Though I may be confusing what issue you're trying to talk about.
  #3  
Old September 13th, 2012, 12:05 PM
Pedro Pedro is offline
Massive Poster
 
Join Date: Nov 2006
Posts: 3,492
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

He's not talking about referrers. It's about reading your whole history with js.

I thought that vulnerability was patched, at least by Mozilla. Now I don't know.
  #4  
Old September 13th, 2012, 12:33 PM
SirDrexl SirDrexl is offline
Frequent Poster
 
Join Date: Apr 2012
Location: USA
Posts: 205
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

Is this related to your concern? http://www.azarask.in/blog/post/socialhistoryjs/
  #5  
Old September 13th, 2012, 01:13 PM
phkhgh phkhgh is offline
Regular Poster
 
Join Date: Aug 2007
Posts: 135
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

Yes, Pedro - you're correct. Recent posts I've read indicated that issue may NOT be fixed, but I can't find anything official, saying that.

SirDrexl, sorry - but don't do India sites. Can you summarize?

I still don't understand why browsers would implement designs that allow sites to read users' history. Having visited links change color is an extremely useful feature to many users.

Has anyone else read about any fixes actually implemented?
This privacy bug was around for yrs.

Maybe that LONG standing issue is fixed - sometimes official release notes don't mention things, or are worded so strangely, doesn't register for most users. I'll look again / try searching bugzilla, but searches often fail, even when there's a perfect match.
  #6  
Old September 13th, 2012, 01:17 PM
SirDrexl SirDrexl is offline
Frequent Poster
 
Join Date: Apr 2012
Location: USA
Posts: 205
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

Well, it's a script that checks for visited links to certain sites, in order to show the social networking buttons that would be relevant to a visitor.

Quote:
How does SocialHistory.js know? By using a cute information leak introduced by CSS. The browser colors visited links differently than non-visited links. All you have to do is load up a whole bunch of URLs for the most popular social bookmarking sites in an iframe and see which of those links are purple and which are blue. It’s not perfect (which, from a privacy perspective, is at least a little comforting) but it does get you 80% of the way there. The best/worst part is that this information leak probably won’t be plugged because it’s a fundamental feature of the browser.
  #7  
Old September 13th, 2012, 02:04 PM
phkhgh phkhgh is offline
Regular Poster
 
Join Date: Aug 2007
Posts: 135
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

SirDrexl, that's basically what the other links I listed said.
Obviously, some sites & Moz devs talked about possible fix, but I never heard / read it was implemented. Have you? I read all changes / fixes for every Fx release.

On another very large (not security focused) site, I got a lot of clueless replies. "Who cares if they see where you've been." "I could care less if someone using my computer sees what sites I visited." Some thought sites could only see links on their own site, or if could see other sites' links, wouldn't be able to figure out which SITES you visited.

It reminds me of answers if asking middle schoolers, "How many ways can STDs be transmitted."

Some are clueless & some don't understand the potential problems this could create for users looking for medical, legal advice; live in repressive country & want to read sites on democracy. I could go on.
  #8  
Old September 13th, 2012, 02:24 PM
Pedro Pedro is offline
Massive Poster
 
Join Date: Nov 2006
Posts: 3,492
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

See here:
http://www.mozilla.org/en-US/firefox/4.0/releasenotes/
It addresses the issue, and is after the posts you mention (2010). I don't know if there are more methods.
  #9  
Old September 13th, 2012, 03:35 PM
phkhgh phkhgh is offline
Regular Poster
 
Join Date: Aug 2007
Posts: 135
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

This appears to be orig. bugzilla report, in 2002. Bug 147777 - :visited support allows queries into global history. They're STILL discussing it on Bugzilla today (Jun 2012) - TEN YEARS. Seems there may still be some concerns & branch bug reports, having to do w/ CSS & page display, that could be exploited.

Pedro - I see that issue mentioned in Fx 4.0 release notes, saying it was fixed, but they're still discussing issues surrounding bug 147777 (on the orig. bug report).

After it took 8 - 10 yrs to fix an issue many would consider a major privacy concern, my gut says if you're concerned about real privacy, better use a good proxy, Tor or some equivalent - at least for important stuff. Depending on a browser(s) devs to protect your privacy isn't a good bet.
  #10  
Old September 14th, 2012, 12:24 AM
mirimir mirimir is offline
Very Frequent Poster
 
Join Date: Oct 2011
Posts: 1,524
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

As I recall, that specific history leak was fixed. However, sites can still probe your cache.
  #11  
Old September 14th, 2012, 01:58 PM
Snoop3 Snoop3 is offline
Regular Poster
 
Join Date: Jan 2011
Posts: 68
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

I think you can use about:config in Firefox to prevent clicked links from having a different color, I'm not sure which one it is though. I searched "visited" and there is "browser.visited_color" and also "layout.css.visited_links_enabled;false"

But I thought there used to be a setting somewhere in Tools >> Options that would stop the link from changing colors.

----------------------------------------------

In Opera it's there in Settings >> Preferences >> Webpages, and allows you to select the colors of the "Normal Link Color" and "Visited Link Color", interesting that the "Normal Link Color" is a custom blue color so you have to input numbers to match it in "Visited Link Color" or just select a different standard color that matches for each. Not sure if that's happenstance or they want to make it difficult for a reason.

---------------------------------------------

btw, there's a reason these things don't get fixed - all of these browser companies make their money indirectly from the tracking and profiling that goes on, so they're in on it. They don't want you to be able to browse the net anonymously because their revenue stream will dry up.

Last edited by Snoop3 : September 14th, 2012 at 02:04 PM.
  #12  
Old September 15th, 2012, 10:53 AM
phkhgh phkhgh is offline
Regular Poster
 
Join Date: Aug 2007
Posts: 135
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

Yes, Mirimir - I said after (much) research, found they appeared to fix issue of pages using changed color links to "discern" all the links you'd visited, by SUPPOSEDLY changing the CSS info Fx would pass to them (but now, visited link color change doesn't work - well, if at all - for me & many others.)
Quote:
However, sites can still probe your cache.
Iiiii don't like probing... bothers my hems. OK, how do they probe your (entire) cache? Though I may have read something on it, don't remember.

Many users have disk cache enabled - I don't - have plenty of fast RAM & fast CPU. Still interested for spouse's laptop.

Snoop3 - An interesting idea. How exactly would Mozilla get paid from sites that saw which links you visited & therefore, knew which sites you'd visited? It's not like they have a contract w/ every site. (Are U Snoop Dog's 3rd "double"?)
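
[Added example, not part of any post in this thread and not Mozilla's code.] A simplified model of the :visited restrictions discussed above (the Firefox 4.0 fix): a :visited rule may change only colour properties, and script-facing style queries always report the unvisited style. The function names and the sample rules are hypothetical and constructed for illustration; the property list follows the colour-only allow-list described in the Mozilla Hacks article linked in post #1.

```javascript
// Simplified model of the post-fix :visited behaviour (illustrative only;
// these are not browser internals).

// Properties a :visited rule may still change: colours only, so a visited
// link can never differ in size, layout, or in which resources it loads.
const VISITED_SAFE = new Set([
  'color', 'background-color', 'border-top-color', 'border-right-color',
  'border-bottom-color', 'border-left-color', 'outline-color',
  'column-rule-color', 'fill', 'stroke',
]);

// Split an author's (or userContent.css) :visited declarations into the
// ones the browser honours and the ones it silently ignores.
function filterVisitedRule(decls) {
  const applied = {};
  const ignored = [];
  for (const [prop, value] of Object.entries(decls)) {
    const name = prop.toLowerCase();
    if (VISITED_SAFE.has(name)) applied[name] = value;
    else ignored.push(name);
  }
  return { applied, ignored };
}

// What the user sees on screen: the unvisited style, with the safe
// :visited colours layered on top only when the link really is visited.
function paintedStyle(linkRule, visitedRule, isVisited) {
  const safe = filterVisitedRule(visitedRule).applied;
  return isVisited ? { ...linkRule, ...safe } : { ...linkRule };
}

// What page script sees (getComputedStyle-like query): always the
// unvisited style, so the answer carries no history information.
function scriptVisibleStyle(linkRule, visitedRule, isVisited) {
  return { ...linkRule };
}

// Constructed sample rules (hypothetical stylesheet).
const linkRule = { color: 'blue', 'font-weight': 'normal' };
const visitedRule = {
  color: 'purple',
  'font-weight': 'bold', // ignored: would change text width
  'background-image': 'url(https://tracker.invalid/hit.png)', // ignored: would trigger a request
};

console.log(filterVisitedRule(visitedRule).ignored);
console.log(paintedStyle(linkRule, visitedRule, true));
console.log(scriptVisibleStyle(linkRule, visitedRule, true));
```

This also shows why older userContent.css tweaks that restyle visited links with anything other than a colour stop having an effect once the restriction is in place.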
  #13  
Old September 15th, 2012, 12:05 PM
Pedro Pedro is offline
Massive Poster
 
Join Date: Nov 2006
Posts: 3,492
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

There used to be 2 extensions that I think covered these issues, SafeHistory and SafeCache.
Noscript was supposed to address these issues, or Firefox, but I'm not sure how that went.
  #14  
Old September 15th, 2012, 04:42 PM
mirimir mirimir is offline
Very Frequent Poster
 
Join Date: Oct 2011
Posts: 1,524
Default Re: Why DO browsers (Fx) allow sites to "see" history_from visited links color

Quote:
Originally Posted by phkhgh
Yes, Mirimir - I said after (much) research, found they appeared to fix issue of pages using changed color links to "discern" all the links you'd visited, by SUPPOSEDLY changing the CSS info Fx would pass to them (but now, visited link color change doesn't work - well, if at all - for me & many others.)
Iiiii don't like probing... bothers my hems. OK, how do they probe your (entire) cache? Though I may have read something on it, don't remember.
Quote:
The goal here is to implement fast, reliable, and non-destructive extraction of browsing history by observing cache timings, without exploiting any specific browser quirks.
-http://lcamtuf.coredump.cx/cachetime/-

Quote:
The javascript code on this page attempts to guess if you have recently visited a website by loading an image from the target website. If the loading completes fast (less than 10ms), it is highly likely that it was loaded from browser's local cache as the network latency and speed of most Internet connections cannot deliver sub 10ms speed. If it takes longer, it's not in the cache. To avoid polluting the cache, the loading is interrupted at the 10ms mark. This is important because any subsequent tests will yield the same results.
-http://oxplot.github.com/visipisi/visipisi.html-
 
