Web Analytics Made Easy -
StatCounter So, tell me this. Just how much can you find out? - CodingForum

Announcement

Collapse
No announcement yet.

So, tell me this. Just how much can you find out?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • So, tell me this. Just how much can you find out?

    Hello, I'm new to the forum. I'm viewing this from a User point of view - non technical.

    So, just how much can you find out about me with your code? In answering, do not violate TOS - just simple yes/no will do.

    1) Can you read the client's browser history?
    2) Can you read other people's cookies on the client?
    3) Can you read the client's Favorite list?
    4) I've read here (or it was implied) that you could even grab my email address, if you wished. True?
    5) What about previous forms entry, if I have the remember feature turned on? Can you read all that, too?

    What else have I been too ignorant to ask?

    How do you, the savvy techy, protect yourself when surfing the web? How can I protect myself?

    Through the school of hard knocks I've learned a little and have taken a few steps toward a more secure experience. I now use Windows XP, XP's firewall and a proxy server. I have a low-limit credit card for e-transactions or I use a service like PayPal.

    So, what do you say? Will you advise a non-techy user? What advise would you give your mama? (Assuming, of course, you liked her!)

    Thanks for your time. I love reading all the posts. I learn something everytime.

  • #2
    none of the 5 things you listed are possible, excepting possibly due to bugs in browsers.

    generally, i set up everything for my mom myself, because she just has no clue whatsoever.
    bluemood | devedge | devmo | MS Dev Library | WebMonkey | the Guide

    i am a loser geek, crazy with an evil streak,
    yes i do believe there is a violent thing inside of me.

    Comment


    • #3
      As far as the first part of your post is concerned, hang on to your hat, the "techie" forum members will (I am sure) surprize you....

      For the protection side from spam and virusus, firewalls and anti virus programs provide limited protection, once you click the button to download your e-mails the virus is on its way, has two minor hurdles and then has free access to your address book.

      I use a new (read beta) program that scans the e-mails while they are still on the server, once the emails have been scaned and displayed I decide if I want to download or errase the e-mails, THEN I down load them.

      I also keep my address book seperate from the e-mail program (actualy, I use the all popular, steam powered, - Outlook Express). The address book is 448bit encripted, so just in-case I do get a virus, it is not going to replicate its self through my address book to my clients.

      The mail scanner is free at the moment from here..



      Maidensoft (in New Zealand of course)

      The address book is avaialable soon, but will be a small charge. (So I am told, I don't work for these guys, but I do know them)

      I understand they may be charging for all their products soon as the response and feedback has been briliant.

      Hope this has been of some help.


      Tonz
      Beware, the Cybertooth tiger cometh

      Comment


      • #4
        all of those things are nearly impossible apart from the cookies due to a bug in IE you can (altho im not going to explain how of course) show the cookie of another page and save it to a file with asp for example
        photoshop too expensive? use the GIMP! www.gimp.org

        Comment


        • #5
          You could take a look at this:

          http://www.gemal.dk/browserspy/

          Has a whole lot of things - probably everything that's possible.

          Quيet Storm Designs ~ Art is not what you see, but what you make others see.
          · the Storms· || ·Ultraviolent Winter· || ·Was Einstein Wrong?· || ·It´s About Time!·

          Comment


          • #6
            When you use IE, anything can become possible.

            Even Opera has had its fair share of security issues (some particularly nasty ones), and with Gecko - issues have been made apparent (though at far less frequency than other browsers), but are rapidly fixed to the point they show up in the very next nightly, or the one after that.

            By design though, none of that is possible, though #1 is doable (and documented) using signed scripts (in NS), which explicitly ask the user if they want to do this.
            jasonkarldavis.com

            Comment


            • #7
              And just to confirm #1.

              Code:
              <html>
              <head>
              <title>Displaying the History List - Netscape</title>
              </head>
              <body>
              <script language="JavaScript">
              <!--//
              netscape.security.PrivilegeManager.enablePrivilege('UniversalBrowserRead');
              	for (i=0;i<history.length;i++){
              		document.writeln('<h3><a href="'+history[i]+'">'+history[i]+'</a></h3>');
              		document.close();
              	}
              //-->
              </script>
              </body>
              </html>
              Spookster
              CodingForum Supreme Overlord
              All Hail Spookster

              Comment


              • #8
                so, it's just like sex . . .

                to be completely, 100% safe one must abstain from surfing at all.

                thanks for all the replies.
                very eye-opening.

                Comment

                Working...
                X