Researchers from the National University of Singapore say that your location may not be secure, with websites able to use your browser cache to identify your country, city, and even your street address. Although there are a number of sites which ask users for location information in order to improve their service, like Google switching to a country-specific page if you are traveling, it has now been revealed that even sites that do not ask for express permission can track user location.
Cyber attack analyzes browser cache
Those sites which are location-specific store information in the browser cache. For example, Craiglist will store information on your city, while Google Maps stores information which could lead a third-party to your street address. These third-parties have special scripts at their disposal, which analyze your browser cache in order to pinpoint your location.
The research team claims that the 62% of the Alexa top 100 websites in the United States, Australia, Japan, Singapore and the United Kingdom are all guilty of leaking some form of location data via the browser cache. The most popular browsers are all affected, including Chrome, Firefox, Internet Explorer and Opera.
Greenhaven Road Capital commentary for the third quarter ended September 30, 2022. Q3 2022 hedge fund letters, conferences and more Dear Fellow Investors, The Fund is enduring its worst drawdown since inception. We were down again in the third quarter, bringing year -to-date returns to approximately -59%. Returns vary by . . . SORRY! This Read More
It has been suggested that one way of reducing your vulnerability to a “geo-inference attack” is to use private browsing, which deletes your browser cache after the session is terminated. However this does leave users open to cyber attacks while they are using specific sites.
Safeguard against geo-inference cyber attack
Perhaps a better solution is the use of the latest versions of Tor. For those of us who are not using the service, it appears that the best way of avoiding this particular cyber attack is to delete your browser cache on a regular basis.
It is surely worth safeguarding your location information in return for having to enter your passwords again on your favorite sites. Those relying on third-party services to hide their real location should delete their cache every day in order to prevent cyber snooping from revealing their whereabouts. Thousands of Canadians watching the U.S. version of Netflix could soon be unmasked if they don’t delete their cache.