CSO – University researchers have developed a technique that governments and Internet service providers could use to bypass secured Internet connections and gather valuable personal information.
The “analysis attack” on HTTPS traffic had an 89 percent accuracy rate in determining the Web pages a person visited, according to University of California, Berkeley, researchers. Such tracking made it possible for the researchers to gather information on medical conditions, sexual orientation, financial status and whether a person is involved in a divorce or bankruptcy proceeding.
The study looked at more than 463,000 page loads on 10 widely used, industry-leading websites. Healthcare sites included those of the Mayo Clinic, Planned Parenthood and Kaiser Permanente; financial sites belonged to Wells Fargo, Bank of America and Vanguard; legal services sites belonged to the American Civil Liberties Union and Legal Zoom; and video-streaming sites included Netflix and YouTube. (Read More)