[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Web bug

Hi Jean-Francois,

Thanks for your explanation.


On Fri, 28 Feb 2003, rj3 Jean-Francois RODRIGUEZ wrote:

> >
> > Hi All,
> >
> > Can some body explain the following:
> >
> > 1) Can a Web Bug (i.e., display of an image file from a third
> >   party web site) be a security problem?
> 
> I don't know about it.
> 
> > 2) Does it cause a cookie to be sent from the browser to that
> >   third party web site?
> 
> About that, yes, it is used by advertisers to get cookies when you visit a
> website where they have put (paying $$) such an image.
> When your browser download this image, it must make a connection to the
> advertiser's website where this image comes from, and so they can ask to
> your browser to accept a cookie.By this way, this third party web site can 

By "accept a cookie" you mean "return (or send) a cookie"?

I thought the browser already got the cookie (some where and some how>. 


> put and read cookies that your
> browser have accepted visiting different web sites, because they all come
> from the same advertiser's web site (and so they can gather different
> information about you : what kind of sites you are usual to visit, so what
> are your interests...).

1) So, by returning a cookie (because of connection via the web bug)
   this third party will know that I had visited a particular site?

2) What if I had visited multiple sites? Can this one cookie tell
   this third party web site what sites I had visited?

   Or do I (i.e., my browser) send more than one cookies?

Any way, very interesting!


> I must have learned all that here : www.searchlores.org

I'll visit this site.

Thank you!

Philip


> Regards
> 
> Jean-François
> 
> 
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@linuxsecurity.com
>          with "unsubscribe" in the subject of the message.
> 
> 

------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.

[Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Video for Linux]     [Bugtraq]     [USB]     [Fedora Security]

Add to Google Powered by Linux