Firefox PoC: history extraction through non-destructive cache timing

For more information about this proof-of-concept, please go here. The basic idea is to test the possibility of quickly, sort-of reliably, and non-destructively collecting browsing history data by observing cache timings. Such attacks are usually regarded as fairly impractical, and unlike with CSS :visited selectors, there appears to be no realistic plan to address them.

This proof-of-concept is a quick hack, and I had no chance to test it with a broad audience. It will probably fail for some users, but in general, it should perform well. The code is Firefox-specific, although the approach itself is fully portable. My earlier version works in multiple browsers, but only for about 50% of all users.

The script thinks you have recently visited the sites shown in green:
...

Weird results or no results? Ping me at lcamtuf@coredump.cx.