Full Disclosure mailing list archives

RE: Is the FBI using email Web bugs?


From: <tlarholm () pivx com>
Date: Wed, 7 Jan 2004 13:17:23 -0800

Can we blow off the FUD on images embedded in HTML mails? Whenever I see
the term "Web Bug" used I know that I will have to find factual
information on the subject discussed from another source.

"Web Bug" is just a sensationalized term for an HTTP request made from
an email. Sure, one use of those HTTP requests could be to track if you
have read the email, just like one use of cookies could be to track your
websurfing across multiple sites and build a profile on your surfing
habits, political belief, marital status and shoe size.

Any technology can be used for both good and bad. Cookies are most
definitely used for more good than bad in a scale of the thousands, and
other than spammers trying to verify email addresses by making an HTTP
request from an HTML mail there has not really been any other use of
"Web Bugs".

Some products even try to profit from the fear, uncertainty and doubt
concerning scare terms such as "Web Bugs", like Privoxy claiming to
block these "Web Bugs" - only now, they are not labelled as images in,
or HTTP requests made from, HTML mails, they are labelled as small 1x1
images served from a webpage used for gathering visitor statistics.

If I wanted to spy on somebody or pry on their surfing habits, "Web
Bugs" in whatever label they have this week or the next is the last
thing I would ever consider. To get some perspective, just compare how
many SpyWare backdoors that people have voluntarily installed to get a
free Timer or Calendar application.


Regards

Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com
thor () pivx com
949-231-8496

PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix
<http://www.qwik-fix.net> 

-----Original Message-----
From: Richard M. Smith [mailto:rms () computerbytesman com] 
Sent: Wednesday, January 07, 2004 7:24 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Is the FBI using email Web bugs?


Hmm, is an "Internet Protocol Address Verifier" just an email Web bug?
If so, the suspect should have been using Outlook 2003 which blocks 'em.
;-)
 
Richard
 
Feds thwart extortion plot against Best Buy
http://www.startribune.com/stories/535/4304797.html

The federal search warrant was obtained the morning of Oct. 24 and
allowed the FBI, with Best Buy's cooperation, to use an Internet device
known as an Internet Protocol Address Verifier. It contained a program
that automatically sent back a response to Best Buy after the company
sent a message to the e-mail address. The response allowed investigators
to identify Ray as the sender of the e-mail threats, according to the
government.

Assistant U.S. Attorney Paul Luehr said the address verifier was one of
several investigative tools the government used to track Ray down.

"It was a tool that helped us confirm that other leads were moving in
the same direction," said Luehr, who declined to discuss details of the
investigation.

Ray faces a maximum of two years in prison and a $250,000 fine for
property and reputation extortion. He faces a maximum sentence of five
years in prison and a fine of $250,000 for threats to damage computers.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
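
Added example, not part of the original thread and not written by either poster: a defender-side check that lists the references in an HTML mail that would cause an outbound HTTP request when rendered, and marks the 1x1 images discussed above. The sample message, its hostnames and the function names are constructed for illustration.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Tag/attribute pairs that make a mail client fetch a URL on render.
FETCH_ATTRS = {"img": "src", "iframe": "src", "script": "src",
               "link": "href", "body": "background"}

class RemoteRefFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = a.get(FETCH_ATTRS.get(tag, ""), "") or ""
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            return  # cid:, data: and relative refs cause no outbound request
        tiny = (tag == "img" and a.get("width") in ("0", "1")
                and a.get("height") in ("0", "1"))
        self.refs.append({"tag": tag, "host": parts.hostname,
                          "tiny_image": tiny, "has_query": bool(parts.query)})

def remote_refs(raw_message):
    """Return every remote fetch the HTML parts of a message would trigger."""
    msg = message_from_string(raw_message, policy=default)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.refs

# Constructed sample message (hostnames and token are made up).
SAMPLE = """\
From: sender@example.com
To: reader@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Hello</p>
<img src="cid:logo@example.com" width="120" height="40">
<img src="http://stats.example.net/o.gif?id=abc123" width="1" height="1">
<img src="https://www.example.com/banner.png" width="468" height="60">
</body></html>
"""

if __name__ == "__main__":
    for ref in remote_refs(SAMPLE):
        print(ref)
```

The embedded `cid:` image produces no request; the other two do, and only the 1x1 image with a query string is flagged as a likely read-tracking request.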
