User Blocking Considered Harmful? An Attacker-controllable Side Channel to Identify Social Accounts
EuroS&P, pp. 323-337, 2018.
This paper presents a practical side-channel attack that identifies the social web service account of a visitor to an attackeru0027s website. Our attack leverages the widely adopted user-blocking mechanism, abusing its inherent property that certain pages return different web content depending on whether a user is blocked from another use...More
Full Text (Upload PDF)
PPT (Upload PPT)