[24875] in bugtraq
privacy issues in metor.com (a search engine)
daemon@ATHENA.MIT.EDU (Tom Micklovitch)
Fri Mar 29 15:26:55 2002
Message-ID: <20020327095705.32625.qmail@web20302.mail.yahoo.com>
Date: Wed, 27 Mar 2002 01:57:05 -0800 (PST)
From: Tom Micklovitch <h_bugtraq@yahoo.com>
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
I was justr checking the stats to my homepage,
and I saw this URL:
http://www.metor.com/[91CB-0154-21F0]/se/results
if you go there, you can see what was searched
for. I have verified this, check out:
http://www.metor.com/[91DE-056F-8A93]/se/results
You'll see I typed "I search for this"
On an interesting side-note, this could be an
anonymous communication route - I've just left
you a message that no-one can access unless they
have the number-code between the square brackets.
If there was some way to predict the next numbers
in the sequence, you could trawl through for the
next reply (say by always using "plipflop" in the
replys, simply sequence through the next numbers,
looking for "plipflop")
anyway, that's all.
User24
=====
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12 - www.ebb.org/ungeek/
GIT d--- s--:- a--- C++++ UL++ P+ L+ E--- W+++ N- o-- K- w
O- M-- V- PS+++ PE-- Y+ PGP++ t+ 5- X+ R tv-- b+ DI++ D+
G+ e* h r++ y+++
------END GEEK CODE BLOCK------
__________________________________________________
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy Awards®
http://movies.yahoo.com/
