[107600] in Cypherpunks
Re: loose-lipped browsers
daemon@ATHENA.MIT.EDU (Eric Murray)
Tue Jan 19 10:57:11 1999
From: Eric Murray <ericm@lne.com>
To: tv@wlwonline.de
Date: Tue, 19 Jan 1999 07:46:11 -0800 (PST)
Cc: cypherpunks@cyberpass.net
In-Reply-To: <36A2F17A.18105A9F@wlwonline.de> from "Tom Vogt" at Jan 18, 99 09:31:54 am
Reply-To: Eric Murray <ericm@lne.com>
Tom Vogt writes:
>
> Anonymous wrote:
> >
> > How can you tell if your browser will send your email address
> > to sites you are surfing?
>
> traceroute | grep "tv@wlwonline.de"
I think you meant snoop (or whatever packet sniffer is common on
your platform). Traceroute just shows you the path of the packets
from source to destination, not their content.
I think that it was Netscape 1.0 or so which sent the user's
email address in the HTTP headers. It didn't last for long-
there were complaints and they fixed it in a subsequent version.
I don't know if MSIE ever sent the users email address in
the HTTP headers.
Browsers still send info about the machine that they're running on:
The IP address (impossible to fix unless you go through an
anonymizer or some sort of proxy), and the User-Agent line, which
usually looks something like:
User-Agent: Mozilla/3.0Gold (X11; U; Linux 2.0.1 i686)
If you don't like sending this sort of info to servers, you can
run a privacy proxy like my "Cookie Jar" (http://www.lne.com/ericm/cookie_jar).
It'll filter out the User-Agent line, or send random info
which you provide (there's probably some puzzled webserver log-watchers
out there wondering who's the sicko viewing their site using X10 on MVS
or MSDOS 2.0). It'll also filter out ads and cookies.
I just added a web-based configuration interface to it, hence the plug.
--
Eric Murray N*Able Technologies www.nabletech.com
(email: ericm at the sites lne.com or nabletech.com) PGP keyid:E03F65E5
