| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.58.0401081203050.31460@catbert.rellim.com> From: gem at rellim.com (Gary E. Miller) Subject: Is the FBI using email Web bugs? Yo Todd! On Thu, 8 Jan 2004, Todd Burroughs wrote: > I was wondering what "Web Bug" was, got figuring that it was simply > clicking (or automatically clicking) on a link. A web bug can be much more than that. When you read an HTML email or web page your workstation can send back gobs of information aount you. For a benign web bug check out awstats: http://awstats.sourceforge.net. It is an automated system for collecting web user data. It collects some interesting data on the user using the "awstats.js" web bug. screen size operating system browser type and version java support pdf support flash support etc.... It could easily return any data that is available to the local javascript engine. Depending on security setting it could read/write any file or registry on your local workstation. More malicious "web bugs" are out there. Like active-X controls that install silently and log all your keystrokes. My daughter found several that just pop up porn links on the desktop randomly. Spammers use "web bugs" to turn your IE into silent spam bots. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem@...lim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676
Powered by blists - more mailing lists