Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Read an email, lose your privacy

  • From: Steve Sobol
  • Date: Mon Jan 10 22:49:48 2000

"Henry R. Linneweh" wrote:
 
> http://www.sunworld.com/sunworldonline/swol-01-2000/swol-01-silicon.html

With an excellent, and I think appropriate, quote from Sun CEO Scott 
McNealy at the top of the article.

>while I hope Scott McNealy is using hyperbole when he says, "You 
>have zero privacy now. Get over it" (the PC Week "Quote of the 
>Week," Feb. 1, 1999), it's not at all clear that he is. 

I hardly think McNealy is exaggerating. Our privacy has been
disappearing for years already.




> Thank you;
> |--------------------------------------------|
> | Thinking is a learned process so is UNIX   |
> |--------------------------------------------|
> Henry R. Linneweh
> 
>     ---------------------------------------------------------------
>              Advertisement: Support SunWorld, click here!
> 
>                                                        Read an email,
>                                                           lose your
>                                                           privacy
> 
>                                                         Email can be
>                                                       spammer's weapon
>                                                         in more ways
>                                                           than one
> 
>                                                            Summary
>                                                            Assorted
>                                                            cyberprivacy
>                                                            organizations
>                                                            are
>                                                            asking
>                                                            regulators
>                                                            to fix
>                                                            a
>                                                            privacy
>                                                            leak
>                                                            in Web
>                                                            browser
>                                                            software.
>                                                            Rich
>                                                            Morin
>                                                            tells
>                                                            us why
>                                                            leaks
>                                                            are
>                                                            only a
>                                                            small
>                                                            part
>                                                            of the
>                                                            problem.
>                                                            (1,000
>                                                            words)
> 
>                                                       ----------------
> 
>                                                           he
>                                                           headline
>                                                       shouted
>                                                       "E-Mail
>                                                       May Be Peril to
>                                                       Privacy" from
>                                                       the business
>                                                       section's front
>                                                       page in the San
>                                                       Francisco
>                                                       Chronicle.
>                                                       Reading the
>                                                       December 4
>                                                       article by
>                                                       Associated Press
>                                                       writer Kalpana
>                                                       Srinivasan, I
>                                                       was happy to see
>                                                       the issue
> getting some attention but hardly surprised to hear about yet another
> privacy threat. David Brin, the author of The Transparent Society,
> writes that a lack of privacy is inevitable. Although I don't agree
> with everything he says, the odds look pretty good that Brin might be
> right about this.
> 
> And while I hope Scott McNealy is using hyperbole when he says, "You
> have zero privacy now. Get over it" (the PC Week "Quote of the Week,"
> Feb. 1, 1999), it's not at all clear that he is. Every time I'm asked
> to have my signature digitized for posterity during a credit card
> purchase (which I refuse, as a matter of principle), I am reminded of
> just how invasive our society has become.
> 
> Hiding HTML links in email
> Enough generalized paranoia, however. Let's look at some specific
> threats.
> 
> Most Web browsers hide the HTML portion of a link, showing only a
> highlighted word or two. Many email clients, particularly those
> embedded in Web browsers, perform this service as well.
> 
> It is a useful feature, in most cases. After all, HTML code is both
> bulky and mysterious; most email users have neither the expertise,
> time, nor motivation to analyze every incoming bit of HTML.
> Unfortunately, however, it can leave an unwary user open to privacy
> attacks.
> 
> Let's say I get a piece of spam from a porn site, containing includes
> the following bit of HTML:
> 
>    <A HREF="http://www.smuttystuff.com";>www.smuttystuff.com</A>
> 
> No problem so far: www.smuttystuff.com is just a Website, so I should
> be pretty anonymous visiting it. All the site will get from my visit,
> in general, is an IP number or perhaps a domain name. The site can't
> use either of those to send me more spam or identify me as a visitor.
> 
> Unfortunately, URLs can contain other items, including parameters that
> can be transmitted back to the site:
> 
>    <A HREF="http://www.smuttystuff.com?u=foo@bar.com";>www.smuttystuff.com</A>
> 
> If I take the bait and visit the site, my email address, foo@bar.com,
> can be put on a hot list. Of course, the site managers had already
> obtained my address from an existing list, but they didn't know I
> would take the offered bait. Now they do.
> 
> It gets worse. If I am using such a Web browser to handle my email,
> even opening the email message may be enough to initiate a serious
> loss of privacy. Many Web browsers are capable of enhancing email
> messages with all sorts of (possibly invisible) images, retrieving
> them when a message is opened from any specified URL. The spammer is
> free to include an IMG tag that includes my email address in a
> parameter, as follows:
> 
>    <IMG SRC="http://www.smuttystuff.com/x.jpg?u=foo@bar.com";>
> 
> Wanna cookie?
> The spammer now knows that I opened his message, but even that's not
> the worst part. The Website can also return a cookie to my browser
> containing my (possibly disguised) email address. This means that any
> future visit I make to his site (or other, cooperating sites) can be
> recorded and indexed to my email address.
> 
> In short, my privacy will have been severely compromised by my email
> software, without my knowledge or permission. For more information on
> this specific kind of attack, see the Electronic Frontier Foundation's
> press release or the technical report by security expert Richard M.
> Smith (in Resources, below).
> 
> Variations
> These sorts of attacks can take many forms. For instance, it is quite
> possible to eliminate the need for a parameter altogether. Let's say
> the image request looks like this:
> 
>    <IMG SRC="http://www.smuttystuff.com/blonds/susie_q.jpg";>
> 
> That seems pretty innocent, from a privacy perspective, but it might
> not be. In one possible scenario, the spammer could generate a unique
> URL for each outgoing email message, joining random names (susie,
> tammy, ...) with random letters (q, r, and so on). As each piece of
> email is sent, the spammer saves the outgoing email address in a
> database, keyed by the unique portion (susie_q) of the URL.
> 
> When the image request is received, a hidden CGI script
> (http://www.smuttystuff.com/blonds) can record the request in the
> database, send me an identifying cookie, and so on. In short, any
> image request could be tagged.
> 
> Finally, if I am foolish enough to click on an unknown URL, the
> spammer doesn't need parameters or even "hidden" HTML:
> 
>    http://www.smuttystuff.com/blonds/susie_q.html
> 
> The same logic applies: because the spammer knows whom he told about
> susie_q, he knows who is asking to see the Web page. Welcome to
> spamland, sucker.
> 
> Conclusions
> One moral of this story, like that of Ken Thompson's classic paper,
> "Reflections on Trusting Trust" (see Resources), is that Trojan horses
> can come in many guises, and one should not trust a stranger's
> offerings, even if they contain no visible threats.
> 
> Another moral is that convenient "features," made possible by
> aggregating pieces of software (in this case, email and Web clients),
> can lead to unexpected security holes. Microsoft is the most obvious
> perpetrator here, but Netscape and others have contributed to the
> situation.
> 
> In an environment where random miscreants can send email to
> unsuspecting victims, keeping a few barriers in place seems only
> prudent. The spate of emailed "macro viruses" provides a clear example
> of the reasons.
> 
> Putting macros -- interpretable code -- into word processors and other
> programs is clearly a powerful and useful idea. Having email software
> start up a copy of the word processor, so you can read formatted mail,
> is also quite convenient. Unfortunately, the combination means that
> ill-wishers can run macros on a victim's machine merely by sending
> email.
> 
> I don't have any global solutions to offer, but I can offer some
> advice: Don't use Web browsers or highly integrated systems, such as
> Microsoft Outlook, as email clients; they're far too accommodating to
> spammers.
> 
> If you must use unsafe email software, try to use it in a conservative
> manner. Turn off any automated features, such as automated program
> invocation, that might allow others to take over your machine. Until
> the vendors add some real security, the risks far outweigh any
> possible convenience.
> 
> Editor's note: The domain name Smuttystuff.com was not registered at
> the time this article was published. Any similarity to an existing
> domain name or Website is purely coincidental. [Image]
> 
>         About the author
>         Rich Morin operates Canta Forda Computer Laboratory, a
>  [Image]computer consulting firm specializing in open source
>         software. He lives in San Bruno, Calif., on the San Francisco
>         peninsula.
> 
>    Home | Next Story | Mail this Story | Printer-Friendly Version |
>          Comment on this Story | Resources and Related Links
> 
> 
> 
>              Advertisement: Support SunWorld, click here!
> 
> [Image]Resources and Related Links
>           * The Transparent Society, David Brin (Perseus Books, 1999):
>             http://www.perseusbooks.com
>           * Prepublication version of Chapter 1:
>             http://crit.org/http://crit.org/openness/sourcedocs/BrinCh1.html
>           * "The Cookie Leak Security Hole in HTML Email Messages," Richard
>             M. Smith:
>             http://www.tiac.net/users/smiths/privacy/cookleak.htm
>           * Electronic Frontier Foundation press release:
>             http://www.eff.org/pub/Privacy/Profiling/19991202_joint_profiling_pressrel.html
>           * "Reflections on Trusting Trust," Ken Thompson (Communication of
>             the ACM, August 1984):
>             http://www.acm.org/classics/sep95
> 
>        Additional SunWorld resources
> 
>           * Previous Silicon Carny columns in SunWorld:
>             http://www.sunworld.com/common/swol-backissues-columns.html#silicon
>           * The SunWorld Topical Index -- a comprehensive listing of all
>             SunWorld articles by subject:
>             http://www.sunworld.com/common/swol-siteindex.html
>           * Visit sunWHERE -- launchpad to hundreds of online resources for
>             Sun users:
>             http://www.sunworld.com/sunwhere.html
>           * Explore back issues of SunWorld:
>             http://www.sunworld.com/common/swol-backissues.html
>           * IDG.net, your one-stop IT resource:
>             http://www.idg.net
> 
> [Image] Tell Us What You Thought of This Story
> 
>         -Very worth reading    -Too long    -Too technical
>         -Worth reading         -Just right  -Just right
>         -Not worth reading     -Too short   -Not technical enough
> 
> 
> 
> 
> 
> [(c) Copyright 2000 Web Publishing Inc., and IDG Communication company]
> 
> If you have technical problems with this magazine, contact
> webmaster@sunworld.com
> 
> URL: http://www.sunworld.com/swol-01-2000/swol-01-silicon.html
> Last modified: Friday, January 07, 2000

-- 
North Shore Technologies Corporation - Steven J. Sobol, President & Head
Geek
815 Superior Avenue #610, Cleveland, Ohio 44114, USA    Phone +1
888.480.4NET
sjsobol@NorthShoreTechnologies.net         
http://NorthShoreTechnologies.net
Owned and loved by the dogs of Jaymist Chinese Shar-Pei, Montville,
Ohio   :)

Alcohol and calculus don't mix.. Never drink and derive.





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.