4 comments

[ 3.2 ms ] story [ 20.2 ms ] thread
New Side-Channel attack allows AI trained algorithms to determine individual user information from any browser.
That's not entirely as accurate as phrased.

More accurately, researchers have discovered side-channel attacks that make an old attack effective again.

The actual "unmasking" technique here is actually not new at all. What is new is the ML-based side-channel that leaks whether images or other protected resources are successfully loaded.

In theory, wouldn't Firefox's newly-released "Total Cookie Protection" prevent this, if indeed it works as advertised?

https://blog.mozilla.org/en/products/firefox/firefox-rolls-o...

Alternatively, wouldn't you be able to hobble this by just disabling JavaScript?

(Side thought: Remember all those "Flash is bad! Flash is insecure! Flash is malware!" arguments? JavaScript is demonstrably just as bad, maybe even worse, as evidenced by this and literally thousands of other possible attacks it enables...)