jmke

To see all of this in action, just open up Chrome and log in to your favorite financial website. Like most important sites, it should be protected with HTTPS/SSL encryption and that should be evident in the address bar of the browser. Do the stuff you would normally do like look at your balances and gawk at your latest transactions and then open up a new tab in Chrome by clicking the “+” symbol. In the right-hand history search box, enter a few keywords and see what they get you. Surprised? I bet you are. No luck? Then try something simple like oh Visa, Mastercard, balance and account. Also try out the names and abbreviations of months like September, Sept and Sep.

If you’re like me, you probably saw account balances and some transaction details, but if you further refine your keywords you’d be able to see a lot more. We first discovered this “problem” by browsing the forensicfocus.com forums. “Problem” is in quotes because we’re not sure if this is a true vulnerability or Google Chrome’s search function working as intended – in this case, just too damn good. While playing around with the forensic implications of Chrome, “Jelle” on the forums posted that he and his partner noticed the browser was indexing information from HTTPS sites.

http://www.tgdaily.com/content/view/39176/108/

__________________