Browsers leak installed extensions to sites by Martin Brinkmann on August 29, 2017 in Internet – 26 commentsSecurity researchers have discovered flaws in the extensions systems of all modern browsers that attackers may exploit to enumerate all installed browser extensions.The attack affects all modern browsers. The researchers confirmed it in Chromium-based browsers, and believe that it affects other browsers like Firefox or Edge which use the same extensions system as well. Firefox’s legacy add-on system is also vulnerable to the attack.Chromium-based browsers like Google Chrome, Yandex and Opera, and Firefox-based browsers like Firefox or Pale Moon, and Microsoft Edge, are affected.All browsers protect extension data from being accessed directly by websites visited in the web browser. The past has shown however that sites may use various techniques to scan for installed add-ons.We talked about this in Are you identifiable by extensions, logins and your browser, and Fix Firefox resource URI leak.When extensions were first introduced, websites were not blocked from accessing local resources. Mozilla and Google introduced controls to block sites from accessing these resources. This is handled by access control settings that declare all resources extensions use as private by default in Firefox, Chromium-based browsers and Microsoft Edge.Safari uses a different protection mechanism as it randomizes resource URIs instead.The security researchers discovered a way to enumerate installed browser extensions in the newest versions of web browsers. The “timing side-channel attack” may be used to enumerate the installed browser extensions by monitoring the browser’s response to resource access.When a site requests access to a resource of an extension in the browser, the browser needs to run two checks to see if the extension exists, and if the resource that the site wants to access is publicly available.By monitoring the response, attackers, may identify the reason behind a request denial. The site measures the time it takes to return a request for a fake extension with fake resource and the time it takes to request a real extension with a fake path.By comparing the time, installed extensions are revealed. According to the researchers, their approach can be used to determine with 100% accuracy if extensions are installed in a modern web browser.By telling apart the two centralized checks that are part of the extension settings validation (either because of the side-channel or because of the different exception behaviors), it is possible to completely enumerate all the installed extensions. It is sufficient for an attacker to simply probe in a loop all existing extensions to precisely enumerate the ones installed in the system.Closing WordsThe attack relies on extension IDs and some code. The researchers grabbed about 10000 Chrome and Firefox extension IDs each and uses the information in test runs.”Real” attackers would have to do the same, and could use the information for browser fingerprinting or targeted attacks against specific browser extensions.Since these attacks rely on scripts, any script blocker protects against it. (via Born / Bleeping Computer)SummaryArticle NameBrowsers leak installed extensions to sitesDescriptionSecurity researchers have discovered flaws in the extensions systems of all modern browsers that attackers may exploit to enumerate all installed browser extensions.Author Martin BrinkmannPublisher Ghacks Technology NewsLogo Advertisement
Capacity for both Norwegian and Sterling on their new combined routes will total 31 per cent and 30 per cent respectively when operations begin, it has been revealed.Both carriers are set to combine cheap flights to Copenhagen, Demark from Oslo in Norway and Stockholm in Sweden from September 15th.However, they will continue to market, price and sell tickets for their flights independently.Neither carrier has mentioned the possibility of a full merger or acquisition.Reports suggest the two airlines are waiting to see how the new deal will compare with the performance of competing carrier SAS.Commenting on the decision last week, Reza Taleghani, CEO of Sterling, and Bjorn Kjos, CEO of Norwegian, emphasised the efficiency and flexibility that the new agreement will bring for both operators.The deal will also provide passengers with more choice over which timetabled routes they may take between destinations. ReturnOne wayMulti-cityFromAdd nearby airports ToAdd nearby airportsDepart14/08/2019Return21/08/2019Cabin Class & Travellers1 adult, EconomyDirect flights onlySearch flights Map RelatedNorwegian and Sterling join forcesSterling Airlines has entered into a joint agreement with Norwegian Air ShuttleNew winter routes from Oslo from Norwegian AirNorwegian Air Shuttle has announced that it will be adding five new routes to its winter schedule next month.Two airlines confirm new flights from CopenhagenCimber Sterling and Norwegian have announced new routes from Copenhagen Airport.