Ad targeters are pulling data from your browser’s password manager - The Verge


33 bookmarks. First posted by LowellRobi december 2017.


RT : Ad targeters are pulling data from your browser’s password manager
from twitter
11 weeks ago by ciphpercoder
Nearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass and 1Password. But…
from instapaper
january 2018 by mathewi
Nearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass and 1Password. But…
browser  privacy  security  from instapaper
january 2018 by geekzter
Ad this to the list of reasons for why you absolutely should be running protective software when browsing the web. I run 1Blocker, Ghostery and Better.
january 2018 by thingles
Nearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass and 1Password.
Archive 
january 2018 by plouf
The researchers examined two different scripts — AdThink and OnAudience — both of are designed to get identifiable information out of browser-based password managers. The scripts work by injecting invisible login forms in the background of the webpage and scooping up whatever the browsers autofill into the available slots. That information can then be used as a persistent ID to track users from page to page, a potentially valuable tool in targeting advertising.
Security  passwords  t  browsers 
january 2018 by paulbradshaw
Another example of the growing similarities between ads and XSS. Ad blockers don’t just improve your experience; they improve your security, too.
security 
january 2018 by shiflett
Nearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass and 1Password.
january 2018 by pitiphong_p
Favorite tweet: jcstearns

Publishers - are digital ads on your sites enabling this kind of privacy invation and tracking of your readers? Do you know? https://t.co/0jcunypGjg http://pic.twitter.com/ChJ5lE97n9

— Josh Stearns (@jcstearns) January 1, 2018

http://twitter.com/jcstearns/status/947922865093038080
IFTTT  twitter  favorite 
january 2018 by tswaterman
According to new research from Princeton's Center for Information Technology Policy, [password] managers are being exploited as a way to track users from site to site. The researchers examined two different scripts — AdThink and OnAudience — both of are designed to get identifiable information out of browser-based password managers. The scripts work by injecting invisible login forms in the background of the webpage and scooping up whatever the browsers autofill into the available slots. That information can then be used as a persistent ID to track users from page to page, a potentially valuable tool in targeting advertising.
advertising  privacy  km 
january 2018 by osi_info_program
+1. FWIW, this latest bit of adtech has caught my attention:

tl…
from twitter
january 2018 by douglevin
RT : This is evil. Another reason to hate ad targeters.
from twitter
january 2018 by camflan
The scripts work by injecting invisible login forms in the background of the webpage and scooping up whatever the browsers autofill into the available slots. The plugins focus largely on the usernames, but according to the researchers, there’s no technical measure to stop scripts from collecting passwords the same way. The only robust fix would be to change how password managers work, requiring more explicit approval before submitting information. “It won't be easy to fix, but it's worth doing,” says Arvind Narayanan, a Princeton computer science professor who worked on the project. In the case of AdThink, that information was also being funneled back to Axciom, a massive consumer data broker, presumably to be added to the growing file on whoever was visiting the site.
january 2018 by sechilds
via Pocket, Ad targeters are pulling data from your browser’s password manager
ifttt  pocket 
january 2018 by snehavii
RT : Ad targeters are pulling data from your browser’s password manager
from twitter_favs
december 2017 by girma
Oh, ugh. Ad targeters are pulling data from your browser’s password manager
from twitter
december 2017 by Ssivek
Diabolical. Have to appreciate the evil brilliance of the adtech engineer.
s 
december 2017 by jgordon
Highly disturbing - Ad targeters are pulling data from your browser’s password manager
from twitter
december 2017 by bytebot
Annnnd yet another reason I run a
from twitter
december 2017 by nicksergeant
RT : JFC.

Ad targeters are pulling data from your browser’s password manager
from twitter_favs
december 2017 by kohlmannj