SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
26 Feb 2018

MIT's Veil service will make private browsing more private

After reports and studies revealed that browsers' private modes aren't that secure, MIT graduate student Frank Wang decided to take things into his own hands.

He and his team from MIT CSAIL and Harvard have created a tool called Veil, which you could use on a public computer -- or on a private one on top of using incognito mode and Tor if you have big secrets to keep or if you've just become paranoid after years of hearing about hacks and cyberattacks.

Wang said in a statement: "Veil was motivated by all this research that was done previously in the security community that said, 'Private-browsing modes are leaky -- Here are 10 different ways that they leak. We asked, 'What is the fundamental problem?' And the fundamental problem is that [the browser] collects this information, and then the browser does its best effort to fix it. But at the end of the day, no matter what the browser's best effort is, it still collects it. We might as well not collect that information in the first place."

MIT explained that data tends to move between different cores in multicore chips and caches, which attackers could access by exploiting flaws. Once those memory banks are full, computers could transfer data to their hard drive, and browsers can't always delete them. Veil works by encrypting a website before showing it on your screen. You'll have to type out a URL on Veil's website instead of your address bar, but it will work whatever browser you use.

The encrypted Veil-version of a website will look like its ordinary counterpart, except it has a decryption algorithm embedded in the page. Without that algorithm, the website will be unintelligible -- with it, the website's data will only be loaded so long as it's displayed on screen. If that isn't enough, Veil was designed to be able to offer even more security features. Its "blinding" server can add a bunch of nonsense code to every page, and no two pages with meaningless codes will be the same.

Further, it can take a picture of the website you want to visit and serve you that photo. The image won't have any executable code, but when you click on parts you want to see, Veil will send you an updated image. It's unclear whether you'll have to endure a considerable lag to load encrypted websites or their photos.

Developers will have to create Veil versions of their websites first, so we can test it out. Wang and his team created a compiler that can automatically do that, but that means you can only use Veil with websites that actively want to support it.

Tags:
data protection trends
Source:
TechCrunch
2117
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015