谷歌瀏覽器和火狐瀏覽器用戶的所有在線歷史紀(jì)錄可能都被第三方開(kāi)發(fā)商竊取并儲(chǔ)存下來(lái)。
A prominent security researcher found a popular plugin for the Google Chrome and Mozilla Firefox was recording everything users did online.
一位著名的安全研究員發(fā)現(xiàn)谷歌瀏覽器和火狐瀏覽器的一個(gè)常用插件紀(jì)錄了用戶的所有瀏覽歷史。
The software, which is designed to allow users to customise the appearance of how web pages appear inside the web browsers, has been hijacked by spyware.
該軟件使用戶可以定制瀏覽器中網(wǎng)頁(yè)的呈現(xiàn)方式,但它卻被間諜軟件操縱了。
The extension, which has more than 1.8 million users worldwide, may have been recording the browsing history of everyone who uses it.
該插件在全球有180多萬(wàn)名用戶,(如今)它可能紀(jì)錄了每位用戶的瀏覽歷史。
Worse still, this browsing data could be linked to details that make users identifiable in the real world, making them vulnerable to hackers and blackmailers.
更嚴(yán)重的是,這些瀏覽數(shù)據(jù)可能會(huì)連接到某些信息,從而確認(rèn)用戶的真實(shí)身份,而這會(huì)使他們很容易受到黑客和勒索者們的傷害。
The finding was made by Robert Theaton, a software engineer from San Francisco, who discovered the software, dubbed Stylish, had been recording browser history since January 2017, when it was bought by new owners Similar Web.
舊金山的一位軟件工程師羅伯特·希頓發(fā)現(xiàn)了這一事實(shí),他注意到一個(gè)被稱為“Stylish”的軟件自從2007年1月被新的所有者Similar Web(一款市場(chǎng)競(jìng)爭(zhēng)分析工具)收購(gòu)后,就一直在紀(jì)錄用戶的瀏覽歷史。
This allows its new owner, Similar Web, to connect an individual with all of their online activity.
這使得其新的所有者SimilarWeb可以通過(guò)用戶所有的線上活動(dòng)紀(jì)錄連接用戶。
Those who have created a Stylish account on userstyles.org will have a unique identifier that can easily be linked to a login cookie and text files intended to help users access a website faster and more efficiently.
在“userstyles.org”網(wǎng)站上創(chuàng)建過(guò)Stylish賬戶的人將擁有一個(gè)獨(dú)一無(wú)二的識(shí)別碼,這很容易與那些登陸識(shí)別碼和文本文檔相連接,而這些登陸識(shí)別碼和文本文檔是用來(lái)幫助用戶更快地訪問(wèn)一個(gè)網(wǎng)站的。
This means that not only does Similar Web own a copy of any user's complete browsing histories, they also own enough other data to theoretically tie these histories to email addresses and real-world identities.
這意味著Similar Web不僅擁有所有用戶完整的瀏覽歷史,他們還擁有足夠多的其他數(shù)據(jù),使其從理論上把這些瀏覽歷史與用戶的電子郵件地址及真實(shí)身份聯(lián)系在一起。