[24hoursupport] Re: security concern

  • From: "Wyatt M. Portendt" <nunyabidness6@xxxxxxxxx>
  • To: 24hoursupport@xxxxxxxxxxxxx
  • Date: Wed, 23 Apr 2003 17:39:33 -0500

 

Not all cable services use a static IP.  Our service uses a dynamic IP,
however, if we didn't turn the modem off at night or didn't force the
router to renew every day, we could have the same IP for several days.

                                                                      

On 4/22/2003 at 11:57 PM a whisper was heard, and the one known as Ron
Allen was rumoured to have uttered....

          |  Hello Christian,
          |  
          |  I am not a JavaScript expert as such, but I am a professional
          |  programmer and know enough to dissect this script.
          |  
          |  This script in and of itself is not trying to do anything
          |  directly to
          |  your computer, meaning it makes no attempt to cause direct
          |  harm such
          |  as formatting the drive or anything like that. It does try to
          |  do a
          |  couple of semi-indirect things that, in
          |  my opinion, are slimy at best and at worst could open you up
to
          |  various problems.
          |  
          |  First, the program resizes the browser window it is running in
          |  to make
          |  it essentially invisible on the screen as well as
          |  non-resizable and
          |  non-restorable.
          |  
          |  Next, once the window is invisible so the user can't see
          |  what's going
          |  on, it attempts to load a Gator program that would give you
          |  some kind
          |  of time-setting utility and, while it was at it, install
          |  spyware on
          |  your computer so that Gator could track your movements around
          |  the web,
          |  apparently in conjunction with another advertising company,
          |  Adtegrity.
          |  If you permitted the installation, when you went to web sites
          |  that use
          |  Gator or Adtegrity advertising banners that the banners you
          |  saw would
          |  be targeted at you based on the information they had collected
          |  about
          |  your web habits. If you have your security setting set high
          |  enough, as
          |  you should have for web surfing, you would get a warning box
          |  which
          |  would allow you to not allow the install. If you did not get
          |  the
          |  warning box, or if you clicked on "OK" to install the utility,
          |  you
          |  might have this software installed now.
          |  
          |  Back to what the program does. Once the above step is
          |  complete, a
          |  one-pixel image known as a "web bug" is loaded. That lets them
          |  know,
          |  unfortunately, a lot about you already, such as your IP
          |  address and
          |  from that what ISP you use and what web page you were viewing
          |  when the
          |  web bug was downloaded. There isn't a whole lot they can do
          |  with that
          |  information, and even though they got your IP address they
          |  didn't get
          |  anything truly personally identifiable as yours (unless you
          |  have DSL,
          |  cable, or otherwise have a static IP address; if you use a
          |  dial-up
          |  ISP, your IP address changes every time you log on).
          |  
          |  So there you have it. You should be aware that the real
          |  culprit, in my
          |  opinion, is the greeting card site that allows Gator and other
          |  companies of their ilk to use their site to propagate Gator
          |  spyware
          |  and other atrocities. Gator couldn't do this without the
          |  explicit help
          |  and cooperation of web sites like that one.
          |  
          |  Hope that answers your question :)
          |  
          |  Ron
          |  
          |  
          |  
          |  Tuesday, April 22, 2003, 9:31:10 PM, you wrote:
          |  C> Hi! 
          |  C> on http://www.all-yours.net/ (greeting cards website) when
          |  clicking on thumbnails images for a greeting cards a webpage
          |  open and behave funny in the bottom of the screen ,we cannot
          |  open it full
          |  C> screen it's stay minimize.
          |  C> By my history I manage to know the web URL it is
          |
http://webpdp.gator.com/v3/webpdp_v3_detect.php?yic=HIC_Adtegrity3
          |  C> and I copy the source here, do you know what this webpage
          |  intend to do by reading the script ?
          |  
          |  For a web-based membership management utility and information
          |  on list policies, please see http://nibec.com/24hoursupport/
          |  
          |  To unsubscribe, send a blank email to
24hoursupport-request@xxxxxxxxxxxxx with "unsubscribe" (without quotes) in
the subject.


********* And So It Was ***********

For a web-based membership management utility and information on list policies, 
please see http://nibec.com/24hoursupport/

To unsubscribe, send a blank email to 24hoursupport-request@xxxxxxxxxxxxx with 
"unsubscribe" (without quotes) in the subject.


Other related posts: