funsec mailing list archives
RE: The Whitehouse Web site is bugged
From: Dan Renner <dan () losangelescomputerhelp com>
Date: Tue, 27 Dec 2005 13:57:42 -0800
Then all the privacy-prone types should be happy for adware/spyware and the like - seems a lot of our clients think that when this type of software slows doen their computer (6 months after they bought it) they need to get a new one. There goes Webtrends tracking... "Wait! There are FIFTEEN Mrs. Olbloskinatuskas!?" <snicker> -- Sincerely, Dan Renner President Los Angeles Computerhelp Phone: 818-352-8700 Website: http://losangelescomputerhelp.com Blog: http://itdiaries.com On Tue, 2005-12-27 at 14:25 -0600, funsec-request () linuxbox org wrote:
Date: Tue, 27 Dec 2005 15:24:07 -0500 From: "Richard M. Smith" <rms () computerbytesman com> Subject: RE: [funsec] The Whitehouse Web site is bugged To: <funsec () linuxbox org> Message-ID: <4iore0$5kadse () smtp02 mrf mail rcn net> Content-Type: text/plain; charset="US-ASCII" According to the Webtrends P3P "privacy" policy, they intend to figure out who people are via their Webtrends cookies. A pretty odd thing for a Web statistics company to be doing. I always assumed that the company gathers aggregrated statistics. I guess not. It does look like the Bush Administration is making up the rules as it goes along and not telling anyone about them. The real puzzler for me however is why does the Administration apparently not want older Web pages archived in the WayBack Machine? Richard -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Paul Schmehl Sent: Tuesday, December 27, 2005 3:05 PM To: funsec () linuxbox org Subject: Re: [funsec] The Whitehouse Web site is bugged --On December 27, 2005 11:43:56 AM -0500 "Richard M. Smith" <rms () computerbytesman com> wrote:The Whitehouse.gov Web site is bugged! Apparently the Webmasterforthe site has hired Webtrends to track visitors around the siteusingWeb bugs and permanent cookies. Here's the Web bug that I found on the home page of the Whitehouse.gov Web site: <SCRIPT src="/js/stat.js" language="javascript" TYPE="text/javascript"></SCRIPT> <NOSCRIPT> <IMG ALT="" BORDER="0" NAME="DCSIMG" WIDTH="1" HEIGHT="1"SRC="http://statse.webtrendslive.com/DCSArO55rNH8I36lrbe6wexE5_5B8I/njs.g if? dcsuri=/nojavascript&WT.js=No"> </NOSCRIPT> Similar Web bugs can be found on other Web pages at the WhitehouseWebsite. Before 9/11, the Clinton administration said this kind of Webtrackingis a no-no for U.S. government Web sites: http://www.whitehouse.gov/omb/memoranda/m00-13.html Because of the unique laws and traditions about government access to citizens' personal information, the presumption should be that "cookies" will not be used at Federal web sites. Under this new Federal policy, "cookies" should not be used at Federal web sites, or by contractors when operating web sites on behalf of agencies, unless, in addition to clear and conspicuous notice, the following conditions are met: a compelling need to gather the data on the site;Apparently the present administration disagrees. I'm not sure why the government should be prevented from using cookies or other tracking mechanisms. After all, they can be used to improve service, something the government desperately needs to do. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- The Whitehouse Web site is bugged Richard M. Smith (Dec 27)
- Re: The Whitehouse Web site is bugged Paul Schmehl (Dec 27)
- RE: The Whitehouse Web site is bugged Richard M. Smith (Dec 27)
- <Possible follow-ups>
- RE: The Whitehouse Web site is bugged Dan Renner (Dec 27)
- Re: The Whitehouse Web site is bugged Dude VanWinkle (Dec 28)
- Re: The Whitehouse Web site is bugged Paul Schmehl (Dec 27)