[389] in WWW Security List Archive
Re: What's the deal ?
daemon@ATHENA.MIT.EDU (Owen Rees)
Wed Feb 15 11:22:45 1995
To: www-security@ns2.rutgers.edu
In-Reply-To: Message from mpoole@heac006.gb.ec.ps.net of Tue, 14 Feb 1995
11:45:15 +0000.
<199502141127.GAA08163@ns2.rutgers.edu>
Date: Wed, 15 Feb 1995 12:45:33 +0000
From: Owen Rees <rtor@ansa.co.uk>
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
mpoole@heac006.gb.ec.ps.net writes:
> I suspect that the following is not a real issue, but would be interested
> to hear if anyone has any real details of what the problems are/were.
>
>
> > ONLINE SPYING
> > While you're connected to your favorite Web page, it's also connected
> > to you, and could be copying all sorts of information off your hard
> > drive, say industry experts.
There is an issue here - insert "the Internet in order to read" after
"connected to". People are now using PPP/SLIP dial-up in order to access the
Web. Other internet hosts could attempt to connect while the user is browsing.
I have anecdotal information that some users believe that they do not need to
worry about security because their connection is dial-up rather than
permanent. In particular, they do not bother to check whether or not their
system has any internet services enabled.
> > In fact, it happened last year when
> > Central Point Software used registration software [etc.]
A problem, not the one I described above, and insufficient data to determine
whether or not this is the problem the "industry expert" was asked about since
it is only the sensational sound-bite that is left of whatever the expert may
have said.
Regards,
Owen Rees <rtor@ansa.co.uk>
Information about ANSA is at <URL:http://www.ansa.co.uk/>.
