The attack described on the first page of TFA didn't involve any 'reconstruction'. They were able to access the web histories by stealing cookies and using them to access the web histories Google provides. In the second page they talk about using the cookies to view a users' Google Suggest results.
Still, this is relatively unsurprising. If you snoop on my non-https transmissions, yeah, you can get a lot of information that I consider private. It would be nice if everything were https (the EFF has been pushi
Totally agreed. One of the first things I do when I do a new install (for me personally) is to make sure in FF that either I have cookies turned off or to have FF ask me everytime. its just like noscript, where yes, it can get annoying for a while, but then once your whitelist is fairly complete it is very worth it. Or you can just always start FF in a private browsing session too.
Reconstructing? (Score:5, Informative)
The attack described on the first page of TFA didn't involve any 'reconstruction'. They were able to access the web histories by stealing cookies and using them to access the web histories Google provides. In the second page they talk about using the cookies to view a users' Google Suggest results.
Still, this is relatively unsurprising. If you snoop on my non-https transmissions, yeah, you can get a lot of information that I consider private. It would be nice if everything were https (the EFF has been pushi
Re: (Score:1, Insightful)
Cookie white-listing seems saner and saner.
Re:Reconstructing? (Score:1)