On 23-Jul-09, at 10:39 PM, Bil Corry wrote:
> Wan-Teh Chang wrote on 7/23/2009 9:29 PM:
>> On Thu, Jul 23, 2009 at 7:10 PM, Bil Corry<[email protected]> wrote:
>>> Can someone explain the security concerns with DNS prefetching
>>> from a HTTPS site?
>>
>> The concern is privacy. Prefetching DNS for host names referenced
>> in an HTTPS page leaks some info contained in that page.
>
> Thanks for the response. Who is the data being leaked to? The DNS
> provider? The adversary sniffing packets off a public hotspot?
>
> And what information is being leaked? The hostname(s) that are
> referenced on the HTTPS page?
>
> I'm just trying to understand the complete risk involved.

I think you've got it. Obviously, anyone in a position to watch your
traffic maliciously can already perform rudimentary traffic analysis
to determine that you have, for instance, an https connection to
gmail. But with prefetch enabled, they could potentially harvest a
significant amount of information about the contents of your emails by
watching all the prefetch requests ("I've seen 12 prefetch requests
for intranet servers under ibm.com, I bet he's an employee", or "I
wonder if his wife knows how much email he's getting from
adultfriendfinder.com").

On regular http connections, this kind of disclosure is obviously
inevitable since the page contents themselves are visible to
eavesdroppers, but when the connection is over https, there is a
reasonable expectation of some privacy, so we try to preserve it as
much as possible.

Cheers,
Johnathan
---
Johnathan Nightingale
Human Shield
[email protected]
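
The disclosure discussed in this thread can be measured for a given page. The following is an added example, not part of the original thread or of any browser's code: it lists the hostnames an on-path observer would see resolved because of link prefetching. The sample page, the function names, and the simplified policy (prefetch off by default on HTTPS pages unless the page opts in with an `x-dns-prefetch-control` meta tag) are assumptions.

```python
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _Links(HTMLParser):
    """Collects <a href> hostnames and any x-dns-prefetch-control meta value."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.hosts, self.control = page_url, set(), None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "x-dns-prefetch-control":
            self.control = (a.get("content") or "").strip().lower()
        elif tag == "a" and a.get("href"):
            url = urlsplit(urljoin(self.page_url, a["href"]))
            if url.scheme in ("http", "https") and url.hostname:
                self.hosts.add(url.hostname)


def observable_lookups(page_url, html):
    """Hostnames an on-path observer would see resolved because of link prefetch."""
    page = urlsplit(page_url)
    p = _Links(page_url)
    p.feed(html)
    # Simplified policy (assumption): an explicit meta value wins; otherwise
    # prefetch is on for http pages and off for https pages.
    enabled = p.control == "on" if p.control in ("on", "off") else page.scheme == "http"
    if not enabled:
        return []
    return sorted(p.hosts - {page.hostname})  # the page's own host is already visible


def by_domain(hosts):
    """Group by the last two labels (naive; ignores the public suffix list)."""
    return Counter(".".join(h.split(".")[-2:]) for h in hosts)


# Constructed sample: a webmail message view served over HTTPS.
PAGE = "https://mail.example.com/inbox/42"
BODY = """<a href="/inbox">Back</a>
<a href="https://wiki.corp.example.net/onboarding">Wiki</a>
<a href="https://hr.corp.example.net/benefits">Benefits</a>
<a href="http://dating.example.org/unsubscribe">Unsubscribe</a>
<a href="mailto:someone@example.com">Reply</a>"""
OPT_IN = '<meta http-equiv="x-dns-prefetch-control" content="on">' + BODY

if __name__ == "__main__":
    print(observable_lookups(PAGE, BODY))  # HTTPS default: prefetch stays off
    print(by_domain(observable_lookups(PAGE, OPT_IN)))
```

Running it against pages that carry user-specific links (mail, intranet portals) shows how much of the page an eavesdropper could infer from DNS queries alone if prefetch were enabled.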