Re: Questions and Observations From a New user



On Sat, Nov 03, 2001 at 01:57:17AM -0500, Jim Mayer wrote:
> (10) Can the built in HTML viewer be configured to fetch and display 
> images?  If so, it isn't at all obvious how.

Just so you know (maybe you already do) this behaviour would be a
gross security hole. It would potentially 'leak' your email address
and hence browsing habits to all of the sites you visit.

A brief example:

Suppose an advertising company stores a unique cookie on your machine.
This means they can monitor your browsing habits; however most people
would not see this as particularly scary, since it would be totally
anonymous.

However, if some spammer working with them sends you an email with a
link to an 'image' called spike.cgi?email=your@email.com, then your
browser (this is assuming we used gecko) would send the cookie as
well, and the remote site would now be able to associate an email
address with the cookie.

They could then analyse the logs and produce a detailed user profile
of your browsing...

Jules




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]