lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20140115013223.5518920152@smtp.hushmail.com>
Date: Tue, 14 Jan 2014 18:32:23 -0700
From: silence_is_best@...hmail.com
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Ubuntu, duckduckgo, and additional info

On 01/14/2014 at 6:22 PM, "Seth Arnold"  wrote:On Tue, Jan 14, 2014 at
05:41:42AM -0700, silence_is_best@...hmail.com wrote:
> Any particular reason when setting duckduckgo as the default search
> and searching from the url bar we get an additional nugget of info
> sent?  Case in point:
> 
> GET /?q=add+duckduckgo&t=canonical HTTP/1.1
[...]
> I didn't add canonical...so why is it there?  In about:config I see
[...]
> Why is this being sent?  Duckduckgo didn't respond, so I thought I'd
> ask here.  Ironic...

This behaviour is documented on the duckduckgo website:

https://duck.co/help/privacy/t
https://duck.co/help/desktop/linux-distributions

Thanks
Thank you for the responses folks.  I'm going to take a stab and say
the distribution.id is where that's held.  It upsets my sense of
neatness when I'm spoofing my UA, only to have tidbits added ;) 
Thanks again. 

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ