Skip to main content

Taking Caching Seriously - Imran Parray








What is Caching ?


According to techTarget.com
Caching (pronounced “cashing”) is the process of storing data in a cache.
A cache is a temporary storage area. For example, the files you automatically request by looking at a Web page are stored on your hard disk in a cache subdirectory under the directory for your browser. When you return to a page you've recently looked at, the browser can get those files from the cache rather than the original server, saving you time and saving the network the burden of additional traffic.


So How Caching Can Cause serious Problems:


1. Whenever the User visits any website and if some of the contents like (css,Js) files are cached it can cause exposure of URL histories,HTTP headers,HTML forms,and Sometimes Cookies any transaction which uses GET request can be revealed.


2.Sometimes Words entered by a user via the keyboard are stored in the android user dictionary for future auto correction that same dictionary will be available to the all the other applications in the mobophone. So if an user is inputting his sensitive information like username and passwords the keyboard can cache those keys and store those keystrokes in the dictionary and sometime what happens as for better user experience those keystrokes are uploaded online to the application servers data. So if the Application company faces any data break the application users can be effected directly.

3. Apps may cache camera images which remain available after the app has finished. Cached images pose a threat of leaking personal and private information to hackers which could ruin not only a company’s reputation but also the personal identity of an individual. The recent hack in the iCloud revealed personal and private images of many celebrities which allowed the general public access into their lives. Other threats that could arise out of this are bullying and blackmailing of an individual.


4. Application screens retained in memory enable transaction histories to be viewed by anyone with access to the device who can directly launch the transaction view activity. Malicious applications are sometimes created and launched by hackers. These apps can read data from retained screens of another application which sometimes holds payment transaction history, account number etc.
If you think you are really making it convenient for consumers by caching their data (think again!), there is a bigger price to pay which no convenience is able to compensate for. Convenience can take you only so far, accountability for consumer privacy and security is a key ingredient in making you successful in the long haul.

What Ordinary Peoples Think about Caching ?


Most of the peoples think that most of the web apps and MoboPhone apps allows only less sensitive information to be cached. I agree Sometimes the information which are being cached is not so much sensitive like email addresses and username but those information can be used by hackers to perform different Social Engineering attacks.


So i Think its better to disable caching in all possible places as it can  reveal your sensitive information related to individuals.
Thank You For reading.
Imran parray

Comments

  1. Play The Emperor Casino Online for Free or Real Money
    Play The Emperor Casino Video Slot Machine at Shootercasino! 제왕카지노 Enjoy งานออนไลน์ our wide variety of casino games and 메리트 카지노 enjoy the thrill of a Free Spins game!

    ReplyDelete

Post a Comment

Popular posts from this blog

New Working Shopping Site SQLi Dorks

Most Important XSS Cheat Sheet

How to Install Mosh on you Linux ec2 Instance