Internet Explorer Vulnerable To Browser History HijackingResearchers found that 1% of the world's most popular websites can force Microsoft's IE to reveal every past website visited unless private browsing controls are enabled.
(click image for larger view)
Slideshow: How Firesheep Can Hijack Web Sessions
Is your browser history safe? According to security researchers, attackers -- or just curious websites -- can "sniff" every website previously visited by your browser.
For example, researchers found that 485 of those 50,000 websites use code that can deduce a browser's history, 63 transfer the history to their network and 46 completely hijack the browser's history. These sites include Youporn, an adult website that's one of the world's 100 most popular websites, reports Alexa , which ranks websites based on traffic.
Beyond history sniffing, the researchers also studied and found multiple examples of related techniques: cookie stealing (using a cookie to "see" other cookies), location hijacking (using cookie sniffing to force the user to visit a website) and behavior tracking (recording how a user moves the mouse over the screen).
When it comes to history hijacking, current versions of most browsers -- including Firefox, Chrome and Safari -- are immune, but Internet Explorer is not. To block such attacks, IE users must enable "private browsing."