Internet Explorer SuperCookies bypass P3P and cookie controls

April 8, 2002, 10:03 am

Richard Smith via NTBugTraq:
Internet Explorer SuperCookies bypass P3P and cookie controls

There is a significant privacy problem with Internet Explorer
because of a design flaw in the Windows Media Player (WMP). Using
simple Javascript code on a Web page, a Web site can grab the
unique ID number of the Windows Media Player belonging
to a Web site visitor. This ID number can then be used just
like a cookie by Web sites to track a user’s travels around
the Web.

However this ID number becomes a SuperCookie because it can be used
by Web sites to bypass all of the new privacy and P3P protections
that Microsoft has added to Internet Explorer 6 (IE6). IE6 ships
today with all Windows XP systems. SuperCookies also work in all
previous versions of Internet Explorer with all older versions of
Windows.

Category: LINKS, security  |  Comment  |  

CEO of Brilliant Defends Sneaky Installation

April 5, 2002, 2:45 pm

Slashdot | CEO of Brilliant Defends Sneaky Installation Practices. [Privacy Digest]

Category: LINKS, security  |  Comment  |  

CEO of Brilliant Defends Sneaky Installation Practices

April 4, 2002, 5:22 pm

CEO of Brilliant Defends Sneaky Installation Practices [Slashdot: News for nerds, stuff that matters]

Category: LINKS, security  |  Comment  |  

Stealth P2P network hides inside Kazaa

April 3, 2002, 7:58 am

cnet news.com: Stealth P2P network hides inside Kazaa
“A California company has quietly attached its software to millions of downloads of the popular Kazaa file-trading program and plans to remotely “turn on” people’s PCs, welding them into a new network of its own.”

Category: LINKS, security  |  Comment  |  

McAfee punts proactive virus protection

April 2, 2002, 12:26 pm

McAfee punts proactive virus protection. ThreatScan [The Register]

Category: LINKS, security  |  Comment  |  

Sun raises curtain (a little) on Solaris 9

April 2, 2002, 7:30 am

Sun raises curtain (a little) on Solaris 9. New default thread library (for better multiprocessor scaling). Remote Jump Start. In 12-18 months, a Jump Start management scheme dubbed iChange. [The Register]

Category: LINKS, misc  |  Comment  |  

Update: CSS2 Rollovers

March 29, 2002, 10:11 am

Update: CSS2 Rollovers. We’ve tweaked our pure CSS2 rollovers to perfection, and moved them to their own directory. These vertical rollovers use the hover pseudo-class for CSS2 browsers, and display properly in Netscape 4.x. By Andy King et al. 0329 [WebReference News]

Category: LINKS, web  |  Comment  |  

Drive by hacking linked to cyberterror

March 28, 2002, 5:08 pm

Drive by hacking linked to cyberterror. The Register Mar 28 2002 1:36PM ET [Moreover – Computer security news]

Category: LINKS, security  |  Comment  |  

another great way to use the W3C XSLT service

March 28, 2002, 3:47 pm

Jon Udell:
Here’s another great way to use the W3C XSLT service:

Dave’s outline


Jake’s outline


My outline



Joshua Allen: view, edit, and format OPML files in a web browser

Category: arch, LINKS, web  |  Comment  |  

Salon on PGP

March 28, 2002, 3:40 pm

Salon on PGP

Category: LINKS, security  |  Comment  |  
« Previous Entries
Next Entries »