The Geek Culture Forums

Topic: Thread Risk Warning: "Beta Testers Wanted" (Page 1 of 2)
dragonman97 (SuperFan!, Member # 780)
posted November 29, 2004 20:41
Warning: The thread "Beta Testers Wanted" is in reference to web bugs, a.k.a. clear GIFs, and incorporates user tracking functionality. While I am not entirely certain of the exact function of the picture present in the aforementioned thread, I do know that the poster, "Ti," watches his logs with a hawk's eyes, and is probably using the referenced software to mine the server log data captured by loading it.

More dragon-ranting to follow.

/me listens to /music/hacking-not-allowed/hacking_is_not_allowed_2step_micro_move_mix.ogg
(From "Hacking is not allowed in the Netherlands")

Alright, I think I'll be a bit more coherent now. [Smile]

Of course...anyone can log access to pictures or any other object accessed via HTTP, but the thread in question is about doing so with the intent of tracking users, and Ti has shown before that he's more than happy to do so. I don't know about everyone else here, but I don't really appreciate having other people plot to follow me around the web, effectively being a cyber-stalker. By using a multi-pronged form of this approach, one could determine individuals with reasonable accuracy, and subsequently form profiles about their online activity.

Therefore, I recommend that anyone concerned about their privacy w.r.t. this issue block image loading from logichigh.com (the domain from which these images originate). Also, if you use Firefox, you can easily block the loading of all images that do not originate from the site you are connected to (i.e. only show images from geekculture.com). Of course, this has the side effect of preventing you from seeing inline images of sheep, and the like, but sometimes the cost of vigilance is high. Of course, he could use another site/DNS entry, but for the time being, I expect this not to be the case, and I sincerely hope he doesn't try to use stealthy actions. I am specifically only addressing this individual issue here, because other people *could* be trying similar schemes; however, I tend to doubt this, as even clear-GIFs will appear in the UBB code you see when quoting other people - when exposed to a large number of people, all bugs are shallow.

It is also worth noting that such web bugs could be entered into this thread, but I hope that people of integrity will not sully this attempt at presenting a clear message about Internet security.

I would like to close this message with the following quote from the HTTP/1.1 RFC (2616):
quote:

15.1.1 Abuse of Server Log Information

A server is in the position to save personal data about a user's requests which might identify their reading patterns or subjects of interest. This information is clearly confidential in nature and its handling can be constrained by law in certain countries. People using the HTTP protocol to provide data are responsible for ensuring that such material is not distributed without the permission of any individuals that are identifiable by the published results.

Regards,
dragon

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001

csk (Member # 1941)
posted November 29, 2004 20:58
Hmm, it's a difficult one. While I have a problem with some of the moral applications of technology like he is using (especially when spammers do it), the technology itself isn't good or bad, it's just a technology. At least he's up front about using it. If someone new was to sign up, and post hot pictures of a female in a few threads, no one would even think that it might be a web bug (hey, I wonder...)

But in any case, thanks for the warning (though I'd already visited the thread (D'oh!)).

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003

dragonman97 (SuperFan!, Member # 780)
posted November 29, 2004 21:07
quote:
Originally posted by csk:
Hmm, it's a difficult one. While I have a problem with some of the moral applications of technology like he is using (especially when spammers do it), the technology itself isn't good or bad, it's just a technology. At least he's up front about using it. If someone new was to sign up, and post hot pictures of a female in a few threads, no one would even think that it might be a web bug (hey, I wonder...)

Section of interest de-emphasized. [Razz]

He's upfront about it, but at the same time, you don't know you've been bitten until you read about it. That is different from clicking a link to a trial page about it.

And yes, you're absolutely right about the pics presented by newbies. However, personally, I do keep my eyes open for info on where the pictures originate from. I don't believe newbies are in as much of a position to get images into the right places to adequately carry out a data mining operation. I'd say more, but this is one time I believe in security through obscurity. Contact me privately if you want to seriously discuss such a matter. Let me add one thing: HTML mail should never be enabled! It is evil, vile stuff. That is all. [Smile]

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001

csk (Member # 1941)
posted November 29, 2004 21:13
You of course mean "HTML mail where content is fetched from a remote location without specific confirmation by the user", don't you? While not the most convenient option, HTML formatted mail can be fairly easily translated into plain text by a capable mail reader (possibly with some extra hooks) [Razz]

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003

dragonman97 (SuperFan!, Member # 780)
posted November 29, 2004 21:21
quote:
Originally posted by csk:
You of course mean "HTML mail where content is fetched from a remote location without specific confirmation by the user", don't you? While not the most convenient option, HTML formatted mail can be fairly easily translated into plain text by a capable mail reader (possibly with some extra hooks) [Razz]

Wha? Like `links -dump`? [Wink] Alternatively, Mozilla Thunderbird has a nice feature that lets you choose 3 grades of display:
Plain text (which I'm eternally in)
Simple HTML (basic textual formatting [relatively safe, except for increased phishing potential])
Original HTML (Danger, Will Robinson!)

Hell, I don't even directly open mail I'm uncertain of - I use Ctrl-U (view message source) directly from the listing...or just use `mutt -Rf`. [Big Grin] I much prefer the latter, but these days, I've been rather enjoying Thunderbird for work. I need to find out about incorporating a vimpart into the editor, though. [Wink] Being able to read Gmail from Thunderbird now is a definite perk, I might add.

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001
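An added example (not code from the thread or from any site mentioned in it) of the two defensive checks discussed above: listing which images in a post or mail body are fetched from a host other than the one you are connected to, which is the Firefox setting dragonman97 recommends, and rewriting the body so that remote images are replaced by a visible note, which is the "simple HTML" treatment of mail csk and dragonman97 describe. The sample post body and its host names are constructed placeholders.

```python
import re
from urllib.parse import urlparse

# Constructed sample post body for this example; the hosts and paths are
# placeholders, not URLs taken from the original thread.
SAMPLE_POST = (
    '<p>Look at this sheep: <img src="/images/sheep.jpg" width="200" height="150"></p>'
    '<p>Nice weather. <img src="http://tracker.example/spook.gif?id=42" width="1" height="1"></p>'
    "<p>Banner: <IMG SRC='https://cdn.example/banner.png'></p>"
    '<img alt="broken, no src">'
)

_IMG_TAG = re.compile(r"<img\b[^>]*>", re.IGNORECASE)
_ATTR = re.compile(r'([\w-]+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s>]+))')


def _attrs(tag):
    """Lower-cased attribute dict for one <img ...> tag string."""
    return {m.group(1).lower(): (m.group(2) or m.group(3) or m.group(4) or "")
            for m in _ATTR.finditer(tag)}


def _dimension(value):
    """Parse a width/height attribute; None when absent or not a plain number."""
    if value is None:
        return None
    digits = value.strip().rstrip("px")
    return int(digits) if digits.isdigit() else None


def classify_images(html_text, page_host):
    """Describe every <img> in html_text relative to the host serving the page.

    Returns a list of dicts with keys src, host, off_host and beacon.
    off_host is True when the image is fetched from somewhere other than
    page_host, so that server (not the forum) sees the reader's IP address,
    User-Agent and any cookie it previously set.  beacon is a heuristic:
    off-host plus either 1x1/0x0 dimensions or a query string that can carry
    a per-reader identifier, the classic shape of a clear GIF.
    """
    results = []
    for m in _IMG_TAG.finditer(html_text):
        a = _attrs(m.group(0))
        src = a.get("src")
        if not src:
            continue
        parsed = urlparse(src)
        host = (parsed.hostname or page_host).lower()  # relative src => same host
        off_host = host != page_host.lower()
        w, h = _dimension(a.get("width")), _dimension(a.get("height"))
        tiny = w is not None and h is not None and w <= 1 and h <= 1
        results.append({"src": src, "host": host, "off_host": off_host,
                        "beacon": off_host and (tiny or bool(parsed.query))})
    return results


def block_remote_images(html_text, page_host):
    """Rewrite html_text so off-host images are replaced by a visible note.

    This is the 'only show images from the site you are connected to' policy
    applied to a post or mail body before it is rendered.
    """
    def repl(m):
        a = _attrs(m.group(0))
        host = (urlparse(a.get("src", "")).hostname or page_host).lower()
        if host == page_host.lower():
            return m.group(0)
        return f"[remote image from {host} blocked]"
    return _IMG_TAG.sub(repl, html_text)


if __name__ == "__main__":
    for r in classify_images(SAMPLE_POST, "geekculture.com"):
        print(r)
    print(block_remote_images(SAMPLE_POST, "geekculture.com"))
```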
Flashfire (Assimilated, Member # 2616)
posted November 30, 2004 14:54
*downloads Thunderbird*

Thanks for the info, D-man -- though, like csk, I'd already looked at the other thread first. Doh. (It's one step above this one in the queue, by some weird quirk of the board).

--------------------
"No silicon heaven? That's absurd!
Where would all the calculators go?"
--Kryten, Red Dwarf
-------------------------------
My Web Comic: NSTA: Semper Vigilantis

Posts: 368 | From: State of Denial | Registered: Mar 2004

Luke Skywalker (Assimilated, Member # 3096)
posted November 30, 2004 16:28
So, you have me a little confused. Am I at risk for visiting the thread? Or just the website, or both?

--------------------
Use the Force, Luke.

Posts: 406 | From: The Line Between Time and Space | Registered: Nov 2004

dragonman97 (SuperFan!, Member # 780)
posted November 30, 2004 16:34
quote:
Originally posted by Luke Skywalker:
So, you have me a little confused. Am I at risk for visiting the thread? Or just the website, or both?

Read my post(s) carefully, as well as csk's posts. I believe we painted a clear picture.

(Gist: Mostly the thread in question, but the risk surrounds all of the public Internet [and private, depending on your level of paranoia/caution/quality of sysadmins])

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001

spungo (BlabberMouth, a Blabber Odyssey, Member # 1089)
posted November 30, 2004 17:14
In the UK, if one attempted to make use of server logs - e.g., to sell to a third party, you would be in breach of the Data Protection Act. I expect there's similar legislation everywhere. Anyone who's fond of mining server logs had better have a good justification if they get found out. [Smile]

--------------------
Shameless plug. (Please forgive me.)

Posts: 6529 | From: Noba Scoba | Registered: Jan 2002

Luke Skywalker (Assimilated, Member # 3096)
posted November 30, 2004 17:20
Not to insult, but I kinda find it funny that if they are that paranoid, they would close, and possibly delete the thread, to help others by stopping the source.

--------------------
Use the Force, Luke.

Posts: 406 | From: The Line Between Time and Space | Registered: Nov 2004

dragonman97 (SuperFan!, Member # 780)
posted November 30, 2004 19:09
quote:
Originally posted by Luke Skywalker:
Not to insult, but I kinda find it funny that if they are that paranoid, they would close, and possibly delete the thread, to help others by stopping the source.

"They?" Are you working with THEM?

Please rewrite that post in a coherent fashion if you would like your views to be understood by those who read them.

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001

Ti (Assimilated, Member # 941)
posted November 30, 2004 19:42
First off, I don't intend a flame war, nor am I going to bash anyone, and I would like to thank everyone who has participated in this thread for unwittingly becoming early beta testers and reporting my first bug.

Paranoia.

Dragonman is only half right, I am polling information from anyone who reads the thread or pulls a graphic. This information can be revealing about who a user is, and can tell you the following things:

  • User's IP address
  • Whether a particular computer/browser/user has visited your site before (through the use of cookies)
  • And if published, what browser/OS that person is using


However, this IS NOT an exploit, nor is it a bug. As it turns out, EVERY website you visit records this exact information, because your browser sends it! And it's common practice of professional web designers to incorporate statistics and tracking into their website. Spooks are also:

  • NOT Malicious
  • NOT Capable of providing information about where a user HAS been, only that they were at your site
  • NOT capable (or setup) to acquire personal information about a user
  • NOT based on an exploit
  • NOT uncommon (EVERY ad that you view nowadays captures your information; I hope by making this functionality public I can bring scrutiny to this)
  • NOT a virus, nor an application. Nothing is installed.

I more than likely will now add a privacy notice, and various disclaimers to the main website, but I thought I would post my dispute here as most of you whom I should be informing would now never touch my site with a ten foot pole. Because it seems it has leprosy.

Kevin Lohman
1230 West Mountain AVE
Fort Collins, CO 80521

PS, the spook has been removed from the Beta Testers wanted thread. If anyone wants an example they can visit the site http://www.logichigh.com/spooks and see for themselves.

--------------------
Check out my webpage/blog/review stash
www.logichigh.com

Posts: 377 | From: Sunnyvale, CA | Registered: Oct 2001

csk (Member # 1941)
posted November 30, 2004 19:53
quote:
Originally posted by Ti:
First off, I don't intend a flame war, nor am I going to bash anyone, and I would like to thank everyone who has participated in this thread for unwittingly becoming early beta testers and reporting my first bug.

Paranoia.

Dragonman is only half right, I am polling information from anyone who reads the thread or pulls a graphic. This information can be revealing about who a user is, and can tell you the following things:

  • User's IP address
  • Whether a particular computer/browser/user has visited your site before (through the use of cookies)
  • And if published, what browser/OS that person is using

I fail to see how that makes dman only half right. In fact, it pisses me off substantially that you used this approach to recruit "unwitting early beta testers". Yes, I know what information can be gained from a web server log (I run a web server myself, you know).

But I don't agree with the end justifying the means. Even if your only intent was to raise awareness of privacy issues, it's not the right way to do it. And if you wanted beta testers for your little project, sure, include a link to your site, but don't embed the bloody thing in the thread. And be clear about what your project is about up front, so people realise the consequences of clicking. After all, that's the final result you say you want. Isn't it?

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003

Ti (Assimilated, Member # 941)
posted November 30, 2004 20:54
I just meant social beta testers. I didn't leave the spook as any more than an example, and it's been removed (and all logs from it deleted).

Kevin Lohman

[HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3
[REMOTE_ADDR] => 138.184.127.34
[REMOTE_PORT] => 57823
[HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7
[HTTP_ACCEPT_ENCODING] => gzip,deflate
[HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5

--------------------
Check out my webpage/blog/review stash
www.logichigh.com

Posts: 377 | From: Sunnyvale, CA | Registered: Oct 2001

dragonman97 (SuperFan!, Member # 780)
posted November 30, 2004 21:03
Thank you,
dragon

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001

Rhonwyyn (Solid Gold SuperFan!, Member # 2854)
posted December 01, 2004 01:10
Okay, so please excuse my ignorance, but do I understand correctly that by reading the thread on GC my info has/had been logged by Ti's computer? That doesn't really make sense 'cause my computer sent info to and from GC's servers, not from Ti's. If I had clicked on the link Ti had posted in the thread, then I would have been accessing his servers and thus vulnerable to any kind of info capture program he ran on his machine.

Or did Ti actually have something set up on the GC thread to capture info?

--------------------
Change the way you SEE, not the way you LOOK!

Posts: 3849 | From: Lancaster, PA | Registered: Jul 2004

The Famous Druid (Gold Hearted SuperFan!, Member # 1769)
posted December 01, 2004 01:20
An image link in his original posting referred back to his site, thus giving his web server the opportunity to log various bits of information about anyone who loaded it.

It's a technique some spammers use: an image link in the email message goes back to their site, thus verifying that the email has been read, and therefore that the email address the spam was sent to is still active.

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10680 | From: Melbourne, Australia | Registered: Oct 2002

Rhonwyyn (Solid Gold SuperFan!, Member # 2854)
posted December 01, 2004 01:26
He had an image? Okay, I can see how that would work. I thought he had just posted a URL and got confused.

That really annoying girl who started posting all over the place a few weeks ago and who I haven't seen online recently... she had her pic in every post. Was that tracking info too?

--------------------
Change the way you SEE, not the way you LOOK!

Posts: 3849 | From: Lancaster, PA | Registered: Jul 2004

csk (Member # 1941)
posted December 01, 2004 01:29
quote:
Originally posted by Rhonwyyn:
That really annoying girl who started posting all over the place a few weeks ago and who I haven't seen online recently... she had her pic in every post. Was that tracking info too?

Hmm, that was what I was hinting at in an earlier post. I don't think it was in that particular case, but the method in general would work well. I'll stop now before I start giving anyone any bright ideas.

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003

The Famous Druid (Gold Hearted SuperFan!, Member # 1769)
posted December 01, 2004 03:02
Maybe that's how the 'advanced email tracking' works on those chain-letters. You know the ones, send a copy to 50 people and Microsoft will send you a free copy of Office or somesuch.

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10680 | From: Melbourne, Australia | Registered: Oct 2002

csk (Member # 1941)
posted December 01, 2004 03:26
quote:
Originally posted by The Famous Druid:
Maybe that's how the 'advanced email tracking' works on those chain-letters. You know the ones, send a copy to 50 people and Microsoft will send you a free copy of Office or somesuch.

I thought the bad thing was meant to happen if you didn't send out the chain letter?

*rimshot*

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003

greycat (Member # 945)
posted December 01, 2004 05:39
quote:
Originally posted by Ti:

[HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3

Sheesh, how boring!

HTTP_USER_AGENT=Mozilla/5.0 (X11; U; HP-UX 9000/785; en-US; rv:1.4) Gecko/20030707
REMOTE_ADDR=192.35.79.70
REMOTE_PORT=55140
HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.5
HTTP_VIA=1.1 imadev.eeg.ccf.org:3128 (Squid/2.4.STABLE6)

P.S.: don't bother trying to build Firefox 1.0 sources on HP-UX. The "Firefox" sources are really Mozilla sources; the top-level directory is called "mozilla", and there's a "mailnews" subdirectory under it. And it's not really one nice monolithic source tree with a consistent build system, either: it's a bunch of different projects all glued together, each one of which has its own way of building itself. And they assume things about the compiler based on what OS you're using, so not only does a standard "CC=/path/to/gcc-3.2/bin/gcc CXX=... ./configure" not work; there are also non-autoconfiscated parts where the compile crashes because it hard-codes proprietary HP CC garbage behind an #ifdef HPUX (even if you're running gcc), and other parts where it calls "ld -with -weird -flags" instead of g++ to do the final link (and therefore blows up), etc., etc., ad nauseam. I gave up after about a full day of attempting to build it.

I don't know what they've been doing over at Mozilla for the last 7 years, but fixing their build system sure as hell isn't part of it. This isn't what I would call a one point oh release. [Geek]

Posts: 1522 | From: Ohio, USA | Registered: Oct 2001

magefile (Highlie, Member # 2918)
posted December 01, 2004 07:01
HPUX? At least it's mostly portable. I mean, how many people actually use HPUX?

--------------------
Let them be stupid - the market will sort it out.

Posts: 743 | From: Massachusetts | Registered: Aug 2004

quantumfluff (BlabberMouth, a Blabber Odyssey, Member # 450)
posted December 01, 2004 08:10
I actually have to deliver some code on HP/UX this week. A LOT of government agencies use HP/UX. OTOH, I don't actually *use* HP/UX. I develop on Linux and continuously port and test on the other Unixes. I just build and test on HP/UX.

Greycat: do you know a source of used HP boxes? I need any of the newer ones that run HPUX 11.11 and have the processors which require 8 byte alignment of doubles.

Posts: 2902 | From: 5 to 15 meters above sea level | Registered: Jun 2000

Ti (Assimilated, Member # 941)
posted December 02, 2004 02:25
Please note: The "Beta Testers Wanted" thread is now a safe thread, and I will be posting things related to that topic there.

Anyone interested in destroying logs that were taken or permanently blocking any further log notices from my servers should see that thread as I have posted details, or see my NEW privacy statement:
here

Hopefully that makes things seem less scary.

Kevin Lohman

--------------------
Check out my webpage/blog/review stash
www.logichigh.com

Posts: 377 | From: Sunnyvale, CA | Registered: Oct 2001

All times are Eastern Time