LocalSheriff browser extension prevents the leak of personal data to malicious websites
To most common internet users, browsing the web for whatever purpose it may serve them can be quite risky and dangerous. The URL, the most commonly clicked link is also the most commonly tracked piece of information that hackers and other malicious internet users use to gather a user’s browsing history, health data, address, and other sensitive personal information.
These URLs often contain information that could otherwise lead to another web page containing sensitive information about the user. These URLs which provide sensitive information without the user knowing it are called TellTale URLs.
One sample of a TellTale URL is the address, donate.mozilla.org. If a user finished processing the payment, the page redirects to a thank you page. Upon closer examination of the thank you page, one could easily notice that the URL contains sensitive information such as email, country, amount and payment method. But normally, an average user will not pay attention to such URL. And this is what scrupulous individuals have been waiting for to exploit.
This is just one example of how a seemingly harmless URL could pose a threat to an individual’s privacy and security online. Other risks of TellTale URLs include leaking information to a plethora of third-parties most often without the user’s consent. What’s even worst and dangerous is the fact that most websites are not aware that they are leaking sensitive information.
The good news is that this problem is not hard to fix. It only requires the utmost commitment from website owners to preserve the user’s basic right to privacy. And with a little help from a browser extension called LocalSheriff which helps in monitoring network traffic, understanding first-party-third party relationship.
Once installed, LocalSheriff monitors interactions between first-party and third-party, classifies what URL is first-party and third-party, maps which domain belongs to which company and provides an interface that users can use to search for values that are private and see which websites leak such values to third-parties.