Our increasing dependence on the Internet decreases our chances of maintaining privacy. But with a little care, you can still use the Web without revealing your e-mail address or personal identity--right? Alas, the most recent discovery by independent security analyst Richard M. Smith challenges that assumption.
Today, many Web sites place cookies on your hard disk to profile your interests and deliver customized information. In theory, cookies identify only the PC, not the person using it.
However, as Smith discovered, a loophole in both Internet Explorer and Netscape Navigator makes it surprisingly easy to match e-mail addresses and cookies, thereby linking a unique identifier to a nameless profile. When you view an e-mail message sent in HTML format, your e-mail software uses a browser to display it. Any graphic in the HTML message must be loaded from the originating server, and any cookie previously deposited by that server will be transmitted back to the site when the graphic is fetched. That fetch request can also transmit your e-mail address. By sending out junk e-mail with graphics, advertisers can match e-mail addresses with previously issued cookies.
So far, no one appears to have tried this trick. And if privacy advocates have their way, no one will: Smith has joined with eight privacy and consumer groups in asking the Federal Trade Commission to require that software makers close the loophole.
Microsoft and Netscape told us they were investigating the issue, but neither had announced a patch. In an e-mail to PC World, a Microsoft spokesperson said the company had confirmed Smith's theory, but "it does not appear this is a problem that technology alone can solve. The solution may lie in appropriate regulation [of Web companies]."
For the time being, the surest way to protect your anonymity is to instruct your browser not to accept cookies and delete existing cookies from your hard drive. But if you reject cookies, you may not be able to access your favorite Web sites. For more on tossing your cookies, see "Guard Your Online Privacy: Web Privacy."
- Page 1 of 2
- Next »
Would you recommend this story? YES NO
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
- Indie Kinect Game Turns Your Doodles Into Weapons Of War Soldiers are advancing, and the only way to stop them is to by doodling on a whiteboard.
- These Pants Have a Built-In Keyboard, May Draw Funny Looks Want to show off your geeky credentials while also having vital useful PC accessories with you at all times? Look at these concept pants.
- Angry Birds in Space: The Final Merchandising Frontier? Angry Birds in Space will arrive March 22.
- This Card Game Takes Your Nerd Altercations to the Next Level Can't settle your differences in a debate? Geek Fight will let you duke it out via a card game.
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
-
Liberties Groups Rap Google's Skirting of Safari's Privacy Protections
-
Twitter Enables HTTPS by Default
-
Google's Safari Tracking Debacle: Reality Check
-
Tax Prep? There's an App for That, Too
-
Privacy Tussle Brews Over Social Media Monitoring
-
Motorola's Android OS Upgrade Timeline Is Mostly Bad News
-
Android 5.0 Jelly Bean Mobile Operating System May Arrive in Spring 2012
-
Google Working on Password Generator for Chrome
-
How Secure is My Facebook Information?
-
Google Chrome Update Fixes High-Severity Vulnerabilities, Patches Flash Player
-
Facebook to Verify Accounts, Allow Use of Nicknames
-
Adobe Confirms New Zero-day Flash Bug
Ad Choices