[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Is the FBI using email Web bugs?
- To: William Warren <hescomingsoon@verizon.net>
- Subject: Re: [Full-Disclosure] Is the FBI using email Web bugs?
- From: petard <petard@freeshell.org>
- Date: Wed, 7 Jan 2004 18:33:15 +0000
On Wed, Jan 07, 2004 at 12:34:58PM -0500, William Warren wrote:
> Astaro security Linux has a webproxy that has an option(which i use) to
> block web bugs....:)
>
How can it tell web bugs from any other HTTP requests? The only thing
that makes a URL contain a web bug is that I only sent it to you. So if
I control images.example.com, and I send you and only you an email
that includes the image
http://images.example.com/faces/smile.png
but on the server smile.png is a script that records information from
your HTTP request before generating an image of a smile, how does your
proxy distinguish my web bug from a normal image? They only look like
obvious web bugs if I need to track thousands of recipients. If I've
targeted you, you just can't tell.
Regards,
petard
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html