[<prev] [next>] [day] [month] [year] [list]
Message-ID: <009d01c37d2c$9f719540$550ffea9@rms>
From: rms at computerbytesman.com (Richard M. Smith)
Subject: VeriSign hires Omniture to snoop on typos
Hi,
Here's another interesting angle on the Verisign Site Finder Web site.
VeriSign has hired a company called Omniture to snoop on people who make
domain name typos. I found this Omniture Web bug on a VeriSign Site
Finder Web page:
http://verisignwildcard.112.2o7.net/b/ss/verisignwildcard/1/G.2-Verisign
-S/s03509671784255?[AQB]&ndh=1&t=17/8/2003%2010%3A39%3A28%203%20240&page
Name=Landing%20Page&ch=landing&server=US%20East&c1=www.elinkprocess.com/
html/minibank_1000.html&c2=www.elinkprocess.com/html/minibank_1000.html%
20%2803/00%29&c12=Yes&c13=03&c14=No&c15=00&c16=Yes&c17=15&c22=NOT%20SET&
g=http%3A//sitefinder.verisign.com/lpc%3Furl%3Dwww.elinkprocess.com/html
/minibank_1000.html%26host%3Dwww.elinkprocess.com&r=http%3A//www.google.
com/search%3Fas_q%3Dmini-bank%2B1000%26num%3D100%26hl%3Den%26ie%3DUTF-8%
26oe%3DUTF-8%26btnG%3DGoogle%2BSearch%26as_epq%3D%26as_oq%3D%26as_eq%3D%
26lr%3D%26as_ft%3Di%26as_filetype%3D%26as_qdr%3Dall%26as_occt%3Dany%26as
_dt%3Di%26as_sitesearch%3D%26safe%3Dimages&s=1024x768&c=32&j=1.3&v=Y&k=Y
&bw=1024&bh=538&ct=lan&hp=N&[AQE]
The query string of the URL contains the usual things such as the Web
page URL, the referring URL, browser type, screen size, etc. This query
string is built on the fly by about 50 lines of JavaScript embedded in
the Verisign Web page.
The Omniture server sets a cookie so that people can be watched over
time to see what typos they are making.
Here's a bit more about the Omniture snooping service:
http://www.omniture.com/announcement.html
Note to Omniture: Yes, I was using Google to research security issues
with the Mini-Bank 1000 ATM, but my interests are purely academic. ;-)
Richard M. Smith
http://www.ComputerBytesMan.com
Powered by blists - more mailing lists