Privacy violations can be so useful

Have you noticed that, after you visit a web page, links to that web page change color, usually a lighter shade of blue? That’s one of the earliest User Interface wins of the web, a feature that dates all the way back to the first version of HTML. How convenient to be able to tell, at a glance, which links you’ve already visited!

Here’s the snag. When your browser changes the color of a link because you’ve visited it, it’s actually marking that link’s style as “visited”. And with JavaScript code, you can ask the browser “hey, browser, is this link marked ‘visited’?”. In particular, I can put a link on my blog entry right now:

CNN

and if you visit CNN, then that link is marked ‘visited’, and if I run a bit of JavaScript, I can tell whether you’ve visited CNN. I could also have links to Fox News, MSNBC, the NRA, Planned Parenthood, the League of Women Voters, the Obama web site, the Clinton web site, the McCain web site, etc., and by checking whether you’ve visited all of those, I can get a pretty good sense of your political opinions. And I can send it back to my server. And I can make those links really tiny, even invisible, so you don’t know they’re there, but I can still check if your browser marked them as “visited.”
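A minimal model of the check described above, added here as an illustration and not code from the original post: a toy browser object (all names, colors and URLs are constructed) answers style queries for a list of probe links. It is run once with the visited state visible to script and once with the mitigation browsers have since adopted, where script-visible style queries report every link as unvisited while the screen still shows the visited color.

```javascript
// Toy model of the leak: a "browser" with a private history and a
// script-visible style query. Names, colors and URLs are constructed.
const VISITED_COLOR = "rgb(85, 26, 139)";
const UNVISITED_COLOR = "rgb(0, 0, 238)";

function makeBrowser(history, { hideVisitedFromScripts }) {
  const visited = new Set(history);
  return {
    // What the user sees on screen: always reflects the real history.
    paintedColor: (href) =>
      visited.has(href) ? VISITED_COLOR : UNVISITED_COLOR,
    // What page script is told when it asks for a link's computed color.
    // With the mitigation on, the answer never depends on the history.
    computedColor: (href) =>
      !hideVisitedFromScripts && visited.has(href)
        ? VISITED_COLOR
        : UNVISITED_COLOR,
  };
}

// The page-side check the post describes: one style query per probe link.
function inferVisited(browser, probeLinks) {
  return probeLinks.filter(
    (href) => browser.computedColor(href) === VISITED_COLOR
  );
}

// Constructed sample data: the user's history and the page's probe list.
const history = ["https://news-a.example/", "https://campaign-b.example/"];
const probes = [
  "https://news-a.example/",
  "https://news-c.example/",
  "https://campaign-b.example/",
];

const leaky = makeBrowser(history, { hideVisitedFromScripts: false });
const hardened = makeBrowser(history, { hideVisitedFromScripts: true });

console.log("leaky browser reveals:", inferVisited(leaky, probes));
console.log("hardened browser reveals:", inferVisited(hardened, probes));
console.log("user still sees:", hardened.paintedColor(probes[0]));
```

The design point is the split between `paintedColor` and `computedColor`: the usability feature survives because rendering still uses the history, while the value handed to script no longer does.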

Aza Raskin recently pointed out how this could be useful for reducing the number of social bookmarking links you see on articles: just show the ones the user actually visits. (In fact, he rediscovered something Niall Kennedy mentioned a couple of years ago, and about which web security researchers have already published a handful of papers.) Yes, indeed. Useful. And in the case of Aza’s code, not evil because it benevolently chooses not to report the info back to the server.

But still… a little bit scary, no?


Comments

5 responses to “Privacy violations can be so useful”

  1. […] Ben Adida brings my attention to this cool/evil hack for seeing into your visitor’s minds! […]

  2. joe

    not that useful for some of us that clear our caches regularly, but I’m sure this behavior is not typical. 🙂

  4. […] Privacy Concerns Written on June 19, 2008 – 9:22 am | by Timothy Lee Ben Adida points to an interesting hack that takes advantage of a bug/feature (depending on your perspective) of modern …. When a webpage is rendered, the browser will typically display links that have been previously […]

  5. […] Browsers’ ‘Visited’ Feature Creates Privacy Concerns Ben Adida points to an interesting hack that takes advantage of a bug/feature (depending on your perspective) of modern …. When a webpage is rendered, the browser will typically display links that have been previously […]