Mozilla Lightbeam Add-On Shows Risk of Third Party Sites
The Lightbeam add-on renders the primary and third party Web sites visited in each case.
Only a few minutes after taking the original images, the count for the second case increased from 66 to 90.
Why is this a problem? From a security perspective:
- The more third party Web sites required to render a primary site, the more opportunities intruders have to introduce malicious content.
- The more third party Web sites required to render a primary site, the more complex the primary site becomes, and the less likely it will perform as intended. We're seeing this at work (or not at work, perhaps) with healthcare.gov.
From a privacy perspective:
- The Lightbeam rendering shows relationships among the 4 primary Web sites and the third party sites. In the first image, mlb.com and nhl.com share third party sites and therefore could potentially access data about users from each other. mlb.com and google.com are separate from each other.
- In the second image, all of the primary Web sites are interconnected. This means it is possible for them to share data about user activities. This is how Web sites track you on the Internet.
Update: Up to 95 sites now...
Update 2: Up to 105 sites now...