Date: Sat, 21 Apr 2001 22:18:54 -0700 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Sheldon Hearn" <sheldonh@uunet.co.za>, "Alex Charalabidis" <alex@wnm.net> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: Detecting mail client capabilities Message-ID: <00a301c0caeb$b944e800$1401a8c0@tedm.placo.com> In-Reply-To: <57914.987867085@axl.fw.uunet.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
>-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Sheldon Hearn > > >On Sat, 21 Apr 2001 10:29:53 EST, Alex Charalabidis wrote: > >> I suppose you could extract user agent, system and display information >> from the HTTP request--all those javascript-enabled web browsers >> volunteer plenty of information--and use the data to make an educated >> guess which will be correct 98% of the time. > >This is what I suggested to my employers, who're insisting that there's >some other "e-mail sniffer" that you "send to the client" that isn't >what I'm suggesting. :-) > There is a way to extract the e-mail address from a Microsoft browser, if you search around on the net you will find a website put up by some guy that demonstrates the technique. Extraction takes place without the user's knowledge, of course. Only problem is that the method only works on Microsoft browsers, and it only retrieves the e-mail address that the user has typed into their Outlook Express (Or Outlook) if they are using Eudora or any other mail client then that e-mail address can be bogus, of course. Also I believe that there is a way to disable the "feature" if your a MS browser user and you don't wish to get your e-mail address extracted without your knowledge. In my opinion there's serious privacy and ethical issues with obtaining information without the consent of the user. Think long and hard before you implement something like this for your employers - would you really like this to be done to you when you surf the net? Frankly, in my opinion, networking types (like most of the folks that read this mailing list) have a moral responsibility that is over and above that of anyone else to keep the Internet from being abused by those who don't appear to have any scruples about invading people's privacy. The facts are that 99% of the managers that are this morally bankrupt are unable to implement privacy-invading techniques on their network - so they usually attempt to pay someone like us to do it for them. It is not that hard for you or I to implement these sorts of things, and if we do then we are helping to bring the day closer when the people revolt and demand tight governmental regulation of the Internet to stop this sort of thing. I know that I couldn't look myself in the mirror every morning nor expect my children to hold me in any kind of respect if I implemented these sorts of things so I do not. I hope you feel the same. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00a301c0caeb$b944e800$1401a8c0>