Date: Mon, 19 Oct 1998 20:10:51 -0400
Reply-To: "ErikO@ebyte.com" <ErikO@EBYTE.COM>
Sender: Vanagon Mailing List <vanagon@vanagon.com>
From: "ErikO@ebyte.com" <ErikO@EBYTE.COM>
Organization: Ebyte Communications
Subject: Re: Why Porn attack...With van content???
Content-Type: text/plain; charset=us-ascii
I'm afraid not. Cookies cannot be used to gather sensitive information
from the fields in a Netscape preference file. Cookies are passive data
structures that are delivered to the client, stored on the client's hard
drive in a .txt file, and returned in certain situations to the same
server that provided the information in the first place. There was a
beta release of Navigator 3.0 that was flawed and allowed servers to
access some of the preference fields, including email address, but this
was a beta version and the bug was fixed. This had nothing to do with
cookies. This was a Netscape flaw. ActiveX and Java have had similar
breaches, all not cookie related.
Here's what a webserver can find out about you when you request a file.
Service provider.
Operating System.
Browser type.
Screen resolution and amount of colors. (only in IE)
CPU type.
Your service provider's server
Your IP address
What server you were on last
This information may be stored in a cookie and redelivered back only to
the originating server at a later visit. Also, any information that you
may have submitted to the site VIA a form, such as email addresses,
credit cards numbers, ect. This is where the problem is. The site you
submitted the info to can give this info to others if they want,
regardless if they set a cookie or not. Ad networks like "Doubleclick"
use an intricate network of partner sites that all share this info with
each other (yes cookies are involved) in order to discover your
"profile" to target advertising to you. You may think this is a
violation of privacy and alot of people do, but the problem lye in the
confidence breach by the website that YOU submitted the info to. You
gave them the info way before any cookies were set.
If you're curious about what's in your cookie file use your find files
program and do a search for cookies.txt
Speaking of net porn and to cover my obligatory vanagon content...
someone sent me a pretty anonymous email with pics of people naked
around vanagons. Mostly people changing and stuff. I really wasn't able
to tell where it came from as the IP number was somehow masked as a LAN
subnet. Sort of a hard thing to do. It was sent to one of my vanagon
site email accounts so it probably was just someone surfing around. Who
was it ???
:) send more!
Daniel Bey wrote:
>
> Thanks for the info. I still have alot to learn about all of this.
> SeeYa
> DAN
>
> In a message dated 10/19/98 6:02:11 PM, you wrote:
>
> <<Dear Eric,
>
> Not quite.
>
> IF you have your email address set in your browser (under
> Preferences/email/identity), then ANY website can get your email address
> whenever you logon to it with your browser, IF you have enabled cookies.
>
> Thus, if you don't want junk mail AND you like to surf porn sites, then I
> strongly suggest you disable your email address settings in your preferences.
> Otherwise, in no time flat you will be gettin' a ton o' junk!
>
> Cheers,>>
--
_________________________
Erik O Akron, Oh
'82 GTI Powered Westfalia
West.of.Wolfsburg
http://ebyte.com/wow
Greatlakes.Camping.Info
http://ebyte.com/gl
_________________________
Ebyte Communications
http://ebyte.com