lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.53.0401090215010.5746@test1900.meganameservers.com>
From: todd at hostopia.com (Todd Burroughs)
Subject: Is the FBI using email Web bugs?

On Thu, 8 Jan 2004, Gary E. Miller wrote:

> Yo Todd!
>
> On Thu, 8 Jan 2004, Todd Burroughs wrote:
>
> > I was wondering what "Web Bug" was, got figuring that it was simply
> > clicking (or automatically clicking) on a link.
>
> A web bug can be much more than that.  When you read an HTML email or
> web page your workstation can send back gobs of information aount you.

I didn't explain myself.  I probably shouldn't being sending this,
as it is noise on the list but I can't resist...

This "web bug" (fucking marketing people, that's where this name came
from) thing is obvious and has existed for a while.  (like since they
invented the Internet...)  (and don't tell me how it is different now,
the concept has been there all along)

As I mentioned, if you send information to a server, do not expect
that that information  will not be used.  I said that at a *minimum*,
they would get your IP address.  Obviously, they will get much more.

The whole situation boils down to: if you send *any* server *any*
information, they can use it as they want.

READ THIS MS USERS
If you use mail clients that send information (I mean anything) back to
a server without your express consent, DO NOT EXPECT PRIVACY.  This is
the way the Internet works.  BTW, this is not exclusiove to MS users.

I work in the hosting business, we harvest info from web logs to determine
a lot of things.  If I wanted to be malicious, I could easily and trivially
do a lot more.

I'm bitching about the length of this thread, not that someone started
it, we need to be open about everything, but if it becomes useless,
it needs to be moved to private email, etc.

Todd


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ