Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Mistype a URL? M$N knows what you typed.

From: "Dan Heskett" <dan () heskettnet com>
Date: Wed, 6 Mar 2002 14:50:19 -0500
Hello Darren and List,

This feature is known as "Autosearch".  Even a cursory search for details on
it through Microsoft's site or Google would have returned this knowledge
base article (Q221754):

        http://support.microsoft.com/default.aspx?scid=kb;EN-US;q221754

The article details how it works, why they have it, and how to configure it.
If you want to disable its pretty simple: open the search paine in IE, click
the 'Customize' button, click click the 'Autosearch' button and choose 'Do
Not Search from the Address bar'.  This will eliminate the traffic.  You can
confirm this by using snort or any decent personal firewall.

Many people (especially newbies) find this feature very handy.
Additionally, you can configure this handy feature to go to your favorite
search engine.

--dan heskett
www.danheskett.com

-----Original Message-----
From: Darren Reed [mailto:avalon () coombs anu edu au]
Sent: Tuesday, March 05, 2002 7:42 PM
To: bugtraq () securityfocus com
Subject: Mistype a URL? M$N knows what you typed.



If you've ever used IE and typed in "ww.foo.com" into the path, you
will end up at a web page generated by an MSN web site.  How did I
get this, you ask?  Well, you definately cannot find anything in the
"Internet Options" panels which lets you configure this.  If you
fire up regedit, under

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search

you will find "CustomizeSearch" and "SearchAssistant".  Unless you
want all of the URLs which fail to resolve in domain names to be
handed off to MSN.  Furthermore, there are cookies involved with
these web sites.  These "helpers" appear to only be used when there
are no proxies enabled but it would be a nice if there was an easier
way to stop Microsoft knowing every bad URL that gets typed, etc,
by those with no proxy.

FWIW, for me CustomizeSearch defaults to:
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
and SearchAssistant to:
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

Darren
Previous By Date Next
Previous By Thread Next

Current thread: