Bugtraq mailing list archives
Re: Microsoft Word documents that "phone" home
From: cassius () HUSHMAIL COM
Date: Fri, 1 Sep 2000 15:39:22 -0800
Scott from Microsoft Security Response Center wrote...
- It spins dire scenarios of people being "tracked", without acknowledging just how difficult it would be to actually correlate information like an IP address to a person's identity.
There are some things you could do with the URL. What if you suspect confidential docs are being forwarded to competitors? It can only be Alice or Bob but you aren't sure. You send a seperate document to each. Alice.doc has a hidden link to http://yoursite/pic.gif?id=alice Bob.doc has a link to http://yoursite/pic.gif?id=bob After sending them you see hits on pic.gif?id=bob from evilcompetitor You could spank Bob and remove him from the confidential mailing list but you couldn't fire him. The hit from evilcompetitor could have been anybody including Alice. -Cassius
Current thread:
- Re: Microsoft Word documents that "phone" home, (continued)
- Re: Microsoft Word documents that "phone" home Terje Bless (Sep 02)
- Re: Microsoft Word documents that "phone" home Brad (Sep 02)
- Other file formats that can "phone" home Richard M. Smith (Sep 03)
- Re: Other file formats that can "phone" home jsl2 (Sep 04)
- Re: Other file formats that can "phone" home Richard M. Smith (Sep 04)
- Sun StarOffice documents that "phone home" and other interesting problems Kurt Seifried (Sep 04)
- Re: Sun StarOffice documents that "phone home" and other interesting problems Luca Berra (Sep 05)
- Leftover data in other files (was Re: Sun StarOffice documents that "phone home".....) jsl2 (Sep 05)
- Re: Leftover data in other files (was Re: Sun StarOffice documents that "phone home".....) Ryan Russell (Sep 05)