RE: Is the FBI using email Web bugs?

["Gary E. Miller" <gem () rellim com>]

Yo Todd!

On Thu, 8 Jan 2004, Todd Burroughs wrote:

> I was wondering what "Web Bug" was, got figuring that it was simply
> clicking (or automatically clicking) on a link.

A web bug can be much more than that.  When you read an HTML email or
web page your workstation can send back gobs of information aount you.

For a benign web bug check out awstats: http://awstats.sourceforge.net.
It is an automated system for collecting web user data.  It collects
some interesting data on the user using the "awstats.js" web bug.
        screen size
        operating system
        browser type and version
        java support
        pdf support
        flash support
        etc....

It could easily return any data that is available to the local javascript
engine.  Depending on security setting it could read/write any file or
registry on your local workstation.

More malicious "web bugs" are out there.  Like active-X controls that
install silently and log all your keystrokes.  My daughter found several
that just pop up porn links on the desktop randomly.  Spammers use "web
bugs" to turn your IE into silent spam bots.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html