[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Query on cookies

To: [email protected]
Subject: Re: Query on cookies
From: [email protected] (Dr.Dimitri Vulis KOTM)
Date: Thu, 07 Aug 97 13:44:26 EDT
Comments: All power to the ZOG!
In-Reply-To: <[email protected]>
Organization: Brighton Beach Boardwalk BBS, Forest Hills, N.Y.
Sender: [email protected]

Declan McCullagh <[email protected]> writes:

> Thanks for the help, folks. This is for an article on privacy I was
> working on, and I found the info I needed. For instance, Netscape's
> explanation of the protocol left me wondering about whether cookies from
> acme.com could be requested by competitor.com.
The answer is YES, although it requires a little work.

Suppose that you point your browser at http://www.A.com/index.html.

Suppose that file contains an <img src="http://www.B.com/X.cgi">.
The CGI file displays a little picture, and also gets or sets a cookie.

Suppose you next browse http://www.C.com/index.html, and it too
contains the same <img src...>.  Since the cookie is "owned" by B.com,
not A.com or C.com, the cgi file can track your movement from A.Com to
B.Com.

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

Follow-Ups:
- Re: Query on cookies
  - From: Declan McCullagh <[email protected]>

References:
- Re: Query on cookies
  - From: Declan McCullagh <[email protected]>

Prev by Date: Money magazine on Internet gambling
Next by Date: disposable remailers (was Re: Eternity Uncensorable?)
Prev by thread: Re: Query on cookies
Next by thread: Re: Query on cookies
Index(es):
- Date
- Thread