[prev in list] [next in list] [prev in thread] [next in thread]
List: sqwebmail
Subject: Re: [sqwebmail] Re: html images
From: Jim Penny <jpenny () universal-fasteners ! com>
Date: 2002-09-30 22:09:37
[Download RAW message or body]
On Mon, Sep 30, 2002 at 05:40:48PM -0400, Sam Varshavchik wrote:
> dizasta writes:
>
> >ok thanks. why is it a security flaw btw?
>
> If I send you an HTML mail, with a link to an external image, I'll know:
>
> 1) When you've read my mail,
>
> 2) What mail software you're using to read my mail,
>
> 3) Your IP address
>
> 4) The fact that your E-mail address is valid, and represents a deliverable
> mailbox.
>
And, that you are the type of person who is either unaware of these
issues, or don't worry about them. In either case, you just as well
walk around with a sign saying "Hack me".
Jim Penny
>
> Additionally, #2 may provide additional information that might be helpful
> in exploiting any known security holes in your mail software.
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic