OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Microsoft Word documents that "phone" home
From: Brad (gryphonnAUSTARNET.COM.AU)
Date: Fri Sep 01 2000 - 21:41:22 CDT

In reply to:
Sender: Microsoft Security Response Center <secureMICROSOFT.COM>
Subject: Re: Microsoft Word documents that "phone" home
Dated: 1 Sep 2000,
Time: 7:27

> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi Kris -
>
> Thanks for your note. I think we may be in violent *agreement*
> here.<g>
>
> We think it's a great idea to talk about this issue, and we do want to
> make sure that our customers understand the pros and cons of
> web-enabled applications. Specifically, we are glad to participate in
> a dialogue about cookies, the risk they pose, and how to control them.
*snip*
> - It pays scant attention to the fact that customers already have the
> tool to control cookies in their hands, namely, IE. Customers who
> have used the Security Zones setting in IE to restrict how cookies are
> handled are automatically protected against all cookies, regardless of
> whether the web session was initiated by web surfing or by a
> web-enabled application.

Hi all.
May I draw your attention to the following link describing how MSN
has set up a number of hidden re-directs in order to place a GUID in
a cookie for tracking purposes.

http://www.pc-help.org/privacy/ms_guid.htm

This leads to possibilities of expanding on the phone home feature of
applications and/or documents being further exploited.

Cheers,
Brad

***********************************
Bradley.N.Griffin
Gryphonn Design
Web Design
Computer Systems Consultant
Security Solutions
gryphonnaustarnet.com.au
ABN: 12 095 821 961
**********************************
Help save a starving child.
One click is all it takes:
http://www.thehungersite.com/