Bugtraq mailing list archives
Re: Posible privacy problem in Explorer.
From: "http-equiv () excite com" <http-equiv () excite com>
Date: Sat, 9 Sep 2000 13:29:20 -0700
"Guille Bisho" <guille () REDESTB ES> wrote in message news:39B84795.8A32DC4F () redestb es... (snip possible good catch) Good possiblity something fishy going on there. The XMLHTTP object is installed and registered with IE5 and functions without prompt under default settings. The example code below will send an HTTP request to MS, fetch and parse as html the response: <script> function SubmitTrackingInfo(){ var objHTTP = new ActiveXObject("Microsoft.XMLHTTP") objHTTP.open("GET", "http://www.microsoft.com", false) objHTTP.send() xmlDoc=objHTTP.responseText document.write("<html>" + xmlDoc + "</html>") } SubmitTrackingInfo() </script> In the case of the search.msn.com example. There is additional data being sent back to the server: objHTTP.send("BSTR")}function fnInit(store). Clearly the name of the function firing all this: "SubmitTrackingInfo" can suggest some things. More so the recent "ballyhoo'd" anouncement by MS to allow greater control over privacy for their customers, with the addition of a "cookie" privacy control add-on for Internet Explorer 5: http://www.microsoft.com/presspass/features/2000/jul00/07-20cookies.asp So, while _everyone_ else's "cookies" are curtailed by this privacy add-on for Internet Explorer, Microsoft's operations utilise this method of 'non-cookie" tracking? Conspiracy theory of course ;-) but perhaps worth investigating thoroughly by someone with experience as to what exactly is going on? --- http://www.malware.com . _______________________________________________________ Say Bye to Slow Internet! http://www.home.com/xinbox/signup.html
Current thread:
- Posible privacy problem in Explorer. Guille (Bisho) (Sep 08)
- Re: Posible privacy problem in Explorer. Elias Levy (Sep 08)
- Re: Posible privacy problem in Explorer. Kevin van der Raad (Sep 12)
- <Possible follow-ups>
- Re: Posible privacy problem in Explorer. http-equiv () excite com (Sep 12)
- Re: Posible privacy problem in Explorer. CDE Francis (Sep 12)
- Re: Posible privacy problem in Explorer. Sander Goudswaard (Sep 13)
- Re: Posible privacy problem in Explorer. Elias Levy (Sep 08)