Re: [NOISE] Re: Easter Eggs



At 09:35 AM 9/27/95 -0400, you wrote:
>    Date: Tue, 26 Sep 1995 12:59:54 -0700
>    From: Alan Olsen <[email protected]>
>    
>    You also need X windows to find the Mozilla animated icon hack on
>    Jammie Zawinski's page.
>    ^^^^^^
>
>Just for the record, that's Jamie.

Hey!  I never said I could type at 1am!  Yes, I know.  #%#$#%ing spelling
flames.  Grumble. Grumble. (BTW, the compass egg will show up in any page
with /jwz/ in the url.  The "anim" tag on his page is bogus.)

>    obNetscapeHack: There is a feature called a "cookie file" in
>    Netscape that is ripe for exploitation as a security leak.  If you
>    are using a Netscape server (and you may not even need that), you
>    can feed all sorts of information into it without the user's
>    knowledge.  I have heard of one page that overloads the cookie file
>    until the machine runs out of drive space.  I am sure that there
>    are other exploitable holes there...  Any takers?
>
>Yikes!  That sounds really bad.  Do you have any more information on
>this?  For example, can the server write to anything other than
>$HOME/.netscape-cookies?  If I write protect that file, but it's still
>owned by me, will Netscape still modify it?

The url for the spec is: http://home.netscape.com/newsref/std/cookie_spec.html.

The cookie overload probably only worked under 1.1 and before.  The spec
claims to have limits on the number of cookies you can have.  But between
this and the server API, I am sure that a hole or two has to exist.  This is
an area not explored by many.  (For good reason.  It is usually poorly
documented...)

OBParanoia:  Want something to really make you worried?  Imagine this for a
web page...  A local law enforcement agency decides that it wants to nab a
few of those "computer preverts".  They create a web site that has a cgi
script that looks for providers from a list.  It then has a link that shows
up only for people at one of those sites to "get hot porn pics".  They then
collect enough machine names and other info, then use the collected
information to obtain a warrant to seize the ISP's logs to match users with
machines. (Most browsers do not report e-mail address.) In the current
hysteria I do not see this scenario too far off.  Makes you wonder what
constitutes entrapment anymore?

|  Minister of Forced Caffinization in the DNRC   | [email protected]   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |
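
An added illustration, not part of the original message and not Netscape's code: a small Python cookie store that enforces client-side limits of the kind the cookie spec describes, showing why a server that floods cookies cannot grow the file without bound. The class and function names are hypothetical; the limit values (300 cookies total, 20 per domain, 4 KB per cookie) are assumed from the Netscape cookie spec rather than taken from this post, and rejecting oversized cookies and evicting oldest-first are simplifying assumptions.

```python
from collections import OrderedDict

# Client limits assumed from the Netscape cookie spec (not stated in the post).
MAX_TOTAL, MAX_PER_DOMAIN, MAX_BYTES = 300, 20, 4096


class BoundedCookieJar:
    """Hypothetical cookie store whose size is capped no matter what servers send."""

    def __init__(self, max_total=MAX_TOTAL, max_per_domain=MAX_PER_DOMAIN,
                 max_bytes=MAX_BYTES):
        self.max_total = max_total
        self.max_per_domain = max_per_domain
        self.max_bytes = max_bytes
        self._jar = OrderedDict()  # (domain, name) -> value, oldest first

    def set(self, domain, name, value):
        """Store a cookie; return False if name+value exceeds the size cap."""
        if len(name.encode()) + len(value.encode()) > self.max_bytes:
            return False  # assumption: reject rather than trim
        domain = domain.lower()
        key = (domain, name)
        self._jar.pop(key, None)  # a re-set cookie becomes the newest entry
        same = [k for k in self._jar if k[0] == domain]
        if len(same) >= self.max_per_domain:
            del self._jar[same[0]]  # evict this domain's oldest cookie
        if len(self._jar) >= self.max_total:
            self._jar.popitem(last=False)  # evict the oldest cookie overall
        self._jar[key] = value
        return True

    def count(self, domain=None):
        """Number of stored cookies, optionally for one domain."""
        if domain is None:
            return len(self._jar)
        return sum(1 for k in self._jar if k[0] == domain.lower())

    def has(self, domain, name):
        return (domain.lower(), name) in self._jar

    def worst_case_bytes(self):
        """Upper bound on stored name+value bytes under these limits."""
        return self.max_total * self.max_bytes


def simulate_flood(jar, domain, n):
    """Constructed input: one server sets n distinct 1 KB cookies."""
    for i in range(n):
        jar.set(domain, f"c{i}", "x" * 1024)
    return jar.count(domain)
```

With these caps the stored cookie data tops out near 1.2 MB regardless of how many Set-Cookie headers arrive, which is the property a client without limits lacks.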