Interesting People mailing list archives
A matter of privacy in Web browsers
From: David Farber <farber () central cis upenn edu>
Date: Sun, 13 Nov 1994 16:13:00 -0500
Date: Sun, 6 Nov 1994 23:33:55 -0800
From: march () europa com (Marc H.)
Subject: Re: HTTP, New Browsers, & Privacy

Ed Kubaitis <ejk () uiuc edu> wrote, in V03 #21, about HTTP_FROM, an environment variable passed by some web browsers to HTTP servers. The variable contains the user's email address as entered in their "Preferences," and Ed expressed concern over possible logging of email addresses by marketers or other web sites.

I'm glad to see this issue raised again; I brought it up some months ago when AT&T opened their "youwill.com" contest, for which they asked users to submit a web form-based survey. (Adam Curry, who was apparently involved in the project and who was surprised to hear address-gathering from forms was even possible, assured several posters that no logging was taking place at AT&T's site.)

First off, a list of the browsers supporting this variable (with version numbers known to be inclusive; earlier versions may also belong here, and later versions almost certainly do):

    MacMosaic 2.0.0a6
    Lynx/2.3 BETA
    Emacs-W3/2.1.54
    OmniWeb 0.7.4.1
    AIR_Mosaic(16bit)(demo)/v3.06.05.03
    MidasWWW/2.1
    Mozilla 0.9b (Netscape) [all platforms]

I collected this information during September of this year (with the exception of Netscape); this list will hopefully prevent some duplication of work, but it is _not_ intended as a blacklist. NCSA Mosaic for X and Windows, MacWeb, Global Wide Help & Information System (GWHIS), Chimera, and Spry's Enhanced Mosaic all do not send HTTP_FROM.

As a CGI (Common Gateway Interface -- a protocol for running scripts on web servers) programmer, I am very much in favor of browsers supporting HTTP_FROM. Good use of the variable can allow automation of repetitive tasks, which is the whole point. I've used it several times to offer a default return-address for mailing scripts, which both alerts the user to the capability, and allows him or her to alter the address if they choose.

I see HTTP_FROM as similar to ftpd's familiar "Guest login ok, send your complete e-mail address as password" prompt: any program or server that asks users for their email addresses is completely open to receiving a false address, or none at all, from those users.

On the other hand, Ed's reaction -- and Adam Curry's, and that of other people to whom I've mentioned HTTP_FROM -- indicates that plenty of web users don't know this capability exists. I found out myself only by running a script similar to Ed's (http://www.uiuc.edu/cgi-bin/printenv) to list all environment variables sent -- after having been assured by several people that the web was completely anonymous, what I was seeking didn't exist, etc. To use my example above, ftpd is quite explicit about its logging, but more recent ftp clients (such as ncftp) -- and the browsers listed above -- are not. I see this as the real problem.

Explicit warnings and documentation seem to be the best solutions. I'm not sure what Lauren meant when he noted, "future versions of the Netscape browser will probably be distributed with the name/address feature defaulting to off." It seems to me that this is already the case -- the user has to enter his or her email address for the variable to work. What I would like to see is a much more explicit preferences dialog, one that warns the user about possible logging by web sites.

I would disagree with any assertion that particular browsers should be avoided because of HTTP_FROM. At worst, particular preferences dialogs should be avoided. At best, all browsers could provide a menu option -- similar to "Auto-load images" -- that would allow the user to turn "Privacy" on or off.

This is not a web-specific issue. Interested readers are referred to RFC 1413, "Identification Protocol," <URL:http://www.cis.ohio-state.edu/htbin/rfc/rfc1413.html>, which details a more-reliable, transparent, and generalized implementation of TCP connection logging.

I think it only prudent to assume that any site you visit on the net could keep a log of your visit; and that as time passes, more and more sites -- particularly commercial sites -- will do just that. Browse carefully; the junk mail "you will" receive may be at stake. I support Lauren's call for regulation of the use of such information.

M. Hedlund <march () europa com>
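
The use the message describes, HTTP_FROM offered as an editable default return address with the user told where it came from, is sketched below as an added example; it is not code from the original post or from any browser or server named in it. The form path /cgi-bin/mailform, the reply_to field name, and the sample environments are assumptions made for illustration.

```python
import html
import re

# Sanity filter, not a full RFC 5322 parser: local@domain.tld, safe characters only.
_ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
_MAX_LEN = 254


def default_return_address(environ):
    """Return HTTP_FROM if it looks like a plain address, else ""."""
    candidate = environ.get("HTTP_FROM", "").strip()
    if not candidate or len(candidate) > _MAX_LEN:
        return ""
    # fullmatch rejects embedded CR/LF, quotes and angle brackets, so the value
    # cannot inject mail headers or break out of the HTML attribute below.
    return candidate if _ADDR_RE.fullmatch(candidate) else ""


def render_mail_form(environ):
    """Build the form; the address is only a suggestion the user can change."""
    addr = default_return_address(environ)
    notice = ""
    if addr:
        notice = ("<p>Your browser sent this address in its From header. "
                  "Edit or clear it before sending.</p>\n")
    field = '<input type="text" name="reply_to" value="{}">\n'.format(
        html.escape(addr, quote=True))  # reply_to is a hypothetical field name
    return ('<form method="POST" action="/cgi-bin/mailform">\n'  # hypothetical path
            + notice + field
            + '<input type="submit" value="Send">\n</form>\n')


def access_log_fields(environ):
    """Record that a From header arrived without storing the address itself."""
    return {"path": environ.get("SCRIPT_NAME", ""),
            "from_header_sent": "HTTP_FROM" in environ}


if __name__ == "__main__":
    # Constructed sample CGI environments, not captured traffic.
    samples = [
        {"SCRIPT_NAME": "/cgi-bin/mailform", "HTTP_FROM": "reader@example.org"},
        {"SCRIPT_NAME": "/cgi-bin/mailform"},
        {"SCRIPT_NAME": "/cgi-bin/mailform",
         "HTTP_FROM": "a@example.org\r\nBcc: b@example.org"},
    ]
    for env in samples:
        print(access_log_fields(env))
        print(render_mail_form(env))
```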