Is anyone aware of whether this applies to Netscape under Linux? -- Howard. ______________________________________________________ LANNet Computing Associates <http://www.lannet.com.au> ---------- Forwarded message ---------- Date: Wed, 12 Jul 2000 13:27:28 -0500 From: John L. Morello <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Netscape SmartDownload reports file information to AOL According to a story on The Register, and confirmed by examining my own cookies, Netscape Communicator's SmartDownload component records the files it downloads, the client IP, the server IP, and the time, then forwards this information to AOL without informing the user. In other words, AOL receives a download-by-download report of each file Communicator downloads, its file name, your IP, and the server it came from. This information is passed on to AOL without user interaction or notification. Additionally, the information is recorded locally in a cookie file. When combined with other exploits which allow for remote transfer of cookie files, this vulnerability could reveal detailed information on a user's browsing habits. For more information, see the story at http://www.theregister.co.uk/content/1/11895.html ____________________________ ::: John L. Morello ::: LSU Office of Computing Services -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
