lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6.0.1.1.2.20050225154533.04ca5070@mail.mindtheater.net>
From: nekramer at mindtheater.net (Nancy Kramer)
Subject: Fw: Google Search and Gmail Correlation

If you run the Google Toolbar they do know where you have been surfing on 
the web.  They do record it.  That's how you "pay" for the Toolbar.  Your 
theory sounds correct to me.

Regards,

Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web


At 04:28 AM 2/25/2005, Colin.Scott@...lc.com wrote:


>A little OT but I was pondering the other day about something.
>
>Remember the Axis network camera "inurl" search that exposed internet
>facing LAN cameras? Well I noticed that lots of those cameras are
>configured on high ports. 7000 for example. Now, I wondered how Google gets
>those cameras into its cache. Ok so there may be a web facing link
>_somewhere_ that references the URL... but when you search there are
>hundreds of these cameras in Google's cache. Now are Google going to tell
>us that they got there merely from web links? Is Google doing port scans
>when it finds an IP? Probably not.... So how about the Googlebar secretly
>updating Google's cache when we use these things?
>
>Just a ponder, please dont flame me if its been covered before, I havent
>got my flame-proof trousers on today!  :)
>
>Cheers,
>
>Colin.
>
>
>
>
>
>
> 
>"?d?m Szilveszter
>              dr." 
>                <adam@....hu> 
> To              Sent 
> by:                  full-disclosure@...ts.netsys.com 
> full-disclosure-b                                          cc 
>   ounces@...ts.nets 
>     ys.com                                                Subject 
>                                 Re: [Full-Disclosure] Google 
> Search                                        and Gmail 
> Correlation                            24/02/2005 
> 12:12 
>
>
>
>
>Hello Cody,
>
>I think that what you are observing is this: the cookie you get when
>visiting your gmail account is valid for the whole google.com domain, and
>therefore will be transferred again when you do web searches as well.
>
>As you write, this is not a bug per se, the cookie mechanism is working as
>expected.
>
>It is also obvious that such an approach may raise privacy concerns.
>
>Now, *if* google wanted to mitigate this problem, it would be easy. They
>should migrate the gmail service web frontend to a subdomain (say:
>gmail.google.com) or even a whole new domain (gmail.com exists already but
>www.gmail.com merely redirects) and make the cookie only valid in that
>domain/subdomain.
>
>The questions is, do they want to do this?
>
>And yes, for now, if you are privacy conscious, delete the cookie before
>doing a Google search (or using any other Google service).
>
>Regards:
>
>Szilveszter Adam
>Budapest
>Hungary
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
>
>***********************************************************************************
>
>This e-mail is confidential and may contain privileged information.  If 
>you are not the addressee or if you have received the e-mail in error, it may
>be unlawful for you to read, copy, distribute, disclose or otherwise use 
>the information which it contains.  Under these circumstances, please 
>notify us immediately by returning this mail to 'mailerror@...lc.com' and 
>deleting this e-mail from your system.
>
>Any views expressed by an individual within this e-mail do not necessarily 
>reflect the views of Cadbury Schweppes Plc or its subsidiaries.  Cadbury 
>Schweppes Plc will not be bound by any agreement entered into as a result 
>of this email, unless its intention is clearly evidenced in the body of 
>the email.  Whilst we have taken reasonable steps to ensure that this 
>e-mail and attachments are free from viruses, recipients are advised to 
>subject this mail to their own virus checking, in keeping with good 
>computing practice. Please
>note that email received by Cadbury Schweppes Plc or its subsidiaries may 
>be monitored in accordance with the prevailing law in the United Kingdom.
>
>***********************************************************************************
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
>
>
>--
>No virus found in this incoming message.
>Checked by AVG Anti-Virus.
>Version: 7.0.300 / Virus Database: 266.4.0 - Release Date: 2/22/2005


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 266.4.0 - Release Date: 2/22/2005

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ