Interesting People mailing list archives
IP: Friendly Trojan (fwd)
From: Dave Farber <farber () cis upenn edu>
Date: Mon, 18 Dec 2000 17:17:41 -0500
From: Paul Tanenbaum <pjt () ARL ARMY MIL> Subject: Friendly Trojan Date: Mon, 18 Dec 2000 12:55:14 EST All, In an otherwise unrelated email message, Dave Towson wrote the following, which I thought this crowd might be interested in: PaulAt home, I clear the web cache for both IE and Netscape with every boot, so any info that could be gleaned from the cache would only apply to the current day's browsing. And at work, I clear the caches each day at 1700 via the Windows task scheduler. But I recently encountered another form of snooping that may be far more pervasive than I realize. I received a message from a friend saying she had sent me an electronic birthday card that I could pick up at a specified web site. When I picked it up, it played some music that was billed as being encoded in MIDI format. There was a note near the bottom of the page that offered a free music playing browser plugin that sounded pretty neat, so I investigated. In the "fine print" when I went to download the plugin was a cryptic note about the plugin including "webhancer" technology. That raised a flag with me, so I searched for and found a pointer to webhancer. It is a client that runs in the background and sends to the webhancer site information on such things as DNS lookup times, connection speeds, page opening times and page abandon rates. It does this for all web-related activities, and not just for the one that Trojaned it into your system. Now, I wonder how many other freebies carry such Trojans and don't have the courtesy to warn the recipient. Dave
For archives see: http://www.interesting-people.org/
Current thread:
- IP: Friendly Trojan (fwd) Dave Farber (Dec 18)