* Ted Lemon wrote:
>On Nov 20, 2013, at 5:43 PM, Bjoern Hoehrmann <[email protected]> wrote:
>> Online advertisers are happy to help you identify your targets and put
>> code on their computers, <http://en.wikipedia.org/wiki/Malvertising>.
>
>Malvertising is a scattershot approach, not a targeted approach. If
>you have access to a lot of demographic data, you may with some
>difficulty be able to target an attack to an individual, but scraping
>the HTTP at the server is a _lot_ easier. Making that impossible
>increases the cost of this type of attack significantly.
Modern ads are complex computer programs running on your computer with
access to information the ad network associates with "you", information
associated with the page the ad is on, and the ability to probe your
computer for more information. Instead of scanning through the network
traffic the attacker would use these data sources to identify you and
attack once identified.

Silly example: let's say the ad can know which page it is loaded on and
it can persist information that is available when the ad is loaded from
the page by the user again. Now that page is https://example.com/~user
and the ad is shown to all who visit that page. After some time the ad
knows (perhaps through a synchronising server) which user has visited
that page most frequently and can infer that's the actual user "user".

If an attacker wanted to target someone attending the most recent IETF
meeting they might start with booking ads for "People who normally
reside in X but are on visit in Vancouver" during the first week of
November 2013. Someone with an interest in internationalisation, Unicode
and all that stuff? Probe the system for unusual fonts.

-- 
Björn Höhrmann · mailto:[email protected] · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/

_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
