Vulnerability Development mailing list archives
NetSol using Email cookies to ID users
From: George <georger () NLS NET>
Date: Wed, 9 Aug 2000 18:26:02 -0400
Recently I've been getting spams from Network solutions, it appears they are sending a newsletter called "TheDotComNews" to everyone who has registered a domain name. Each time I get one (I have a number of domains) and go to read it in Outlook Express I get a warning from Atguard about an attempt to put a cookie on my machine. Upon viewing the source of the email I find this line of code <img src="http://graphics.e-dialog.com/graphics/1009315104|||965764965&&&Q3_enews letter_0803netsol"> it is a simple blank image they use in order to get your email program to go and touch their server which then places a cookie on your machine. I'm assuming this cookie identifies you so if you follow any of the links in the email they can track who you are and which pages you viewed. (since they sent you an email based on your domain registration they know exactly who you are). This to me seems like a pretty major invasion of privacy and in light of the recent US governemt stance on cookies I think it is totally inappropriate for an outfit like Network Solutions to be using a technique like this. I also think Microsoft should answer as to why there is no off switch for this in Outlook Express so users can protect their identity from anyone who feels like sending them an email using a technique like Network Solutions is using. Geo.
Current thread:
- NetSol using Email cookies to ID users George (Aug 10)
- Re: NetSol using Email cookies to ID users Jim Archuleta (Aug 13)