Re: Questions and Observations From a New user

From: Jules Bean <jules jellybean co uk>
To: Jim Mayer <jmayer rochester rr com>
Cc: balsa-list gnome org
Subject: Re: Questions and Observations From a New user
Date: Mon, 5 Nov 2001 07:30:10 +0000

On Sat, Nov 03, 2001 at 01:57:17AM -0500, Jim Mayer wrote:
> (10) Can the built in HTML viewer be configured to fetch and display 
> images?  If so, it isn't at all obvious how.

Just so you know (maybe you already do) this behaviour would be a
gross security hole. It would potentially 'leak' your email address
and hence browsing habits to all of the sites you visit.

A brief example:

Suppose an advertising company stores a unique cookie on your machine.
This means they can monitor your browsing habits; however most people
would not see this as particularly scary, since it would be totally
anonymous.

However, if some spammer working with them sends you an email with a
link to an 'image' called spike.cgi?email=your@email.com, then your
browser (this is assuming we used gecko) would send the cookie as
well, and the remote site would now be able to associate an email
address with the cookie.

They could then analyse the logs and produce a detailed user profile
of your browsing...

Jules

Follow-Ups:
- Re: Questions and Observations From a New user
  - From: Jens Askengren

References:
- Questions and Observations From a New user
  - From: Jim Mayer

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]