Bugtraq mailing list archives
Re: cache cookies?
From: Wham Bang <wham_bang () YAHOO COM>
Date: Mon, 18 Dec 2000 13:40:16 -0800
Kee Hinckley [nazgul () SOMEWHERE COM] wrote:
Yes, it's really not a cookie, and I wish they hadn't used that term. It's primarily useful for seeing if a user has visited a particular site recently.
Actually, you can use this to create the equivalent of a cookie. This is described in the paper. This part *isn't* about finding out whether or not you've visited some other site. It's about getting some piece of information stored on your computer even though you've disabled cookies. The idea is that you can write arbitrary files into a user's cache. The presence or absence of a file constitutes a single bit of information which can then be retrieved using the timing attacks that we are discussing. So to get you to store the eight bit value "01001010" I just need to get you to cache the following bunch of (one pixel, transparent) images: http://my.site.com/track/01000000.gif http://my.site.com/track/00001000.gif http://my.site.com/track/00000010.gif with the presence of each in the cache denoting an "on" bit. The paper also addresses how to read the bit associated with a particular file without overwriting it (ie causing the file to be cached). Essentially, this involves using the Referer header to distinguish read or write access to the bit and cache-control headers to allow read-only access. Quite clever really. I haven't done any testing to see how reliable it is, but the authors got pretty good results. BTW, as someone else pointed, you can find the paper at http://www.cs.princeton.edu/sip/pub/webtiming.pdf. I hope this is helpful, ===== Wham! <wham_bang () yahoo com> __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/
Current thread:
- Re: cache cookies?, (continued)
- Re: cache cookies? Dan Harkless (Dec 16)
- Re: cache cookies? MadHat (Dec 18)
- Re: cache cookies? Steve Shockley (Dec 16)
- Re: cache cookies? Rossen Raykov (Dec 16)
- Re: cache cookies? Nick Lamb (Dec 18)
- Re: cache cookies? Thomas Reinke (Dec 18)
- Re: cache cookies? Dan Harkless (Dec 16)
- Re: cache cookies? Kee Hinckley (Dec 16)
- Re: cache cookies? Szilveszter Adam (Dec 18)
- Re: cache cookies? James Taylor (Dec 19)
- Re: cache cookies? Szilveszter Adam (Dec 18)
- Re: cache cookies? Rob Lemos (Dec 18)
- Re: cache cookies? Wham Bang (Dec 18)
- Re: cache cookies? Lincoln Yeoh (Dec 19)
- Re: cache cookies? Wham Bang (Dec 19)