Re: Yahoo (How beaconing works)

by "Octavian Rasnita" <orasnita(at)home.ro>

 Date:  Tue, 28 Jan 2003 18:55:42 +0200
 To:  "Davies,
Elizabeth H." <EHDavies(at)west.com>,
<hwg-techniques(at)hwg.org>
 References:  westworlds
  todo: View Thread, Original
I thought that the email address can be found if that cookie is set from an
email message.

Teddy,
Teddy's Center: http://teddy.fcc.ro/
Email: orasnita(at)home.ro

----- Original Message -----
From: "Davies, Elizabeth H." <EHDavies(at)west.com>
To: "Octavian Rasnita" <orasnita(at)home.ro>; <hwg-techniques(at)hwg.org>
Sent: Tuesday, January 28, 2003 4:37 PM
Subject: RE: Yahoo (How beaconing works)


>>What I don't know if it is possible to find out the email address of the
>>person who reads the message.
>>I won't send a message private but to a mailing list.

To my knowledge, NO (and thank god-dess). In order to do that you would need
to  go into their computer and extract personal information. There is no
honest way to do this... if you could get their email address, you could get
anything else. I would put that at severe invasion of privacy (at a
minimum). All you can grab are the environmental variables such as OS,
Browser/mailreader that opened, IP address, etc.... Given that more and more
IP addresses are dynamic, this is no longer a consistent or reliable method
of identifying a computer.

The only thing you could possibly do is set a cookie that might identify a
person if they open something a second time... given that you know who they
are the FIRST time because they opted IN to your mailing list. And this is
limited if a person turns off cookies or has some solid spyware software to
protect them.

Regardless of what good it might do you for your mailing list, it would
spell disaster for security overall... BUT if you find a way, let me know...
I need to block it ASAP.

Elizabeth Davies
Web Designer

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA