NYCPHP Meetup

NYPHP.org

[nycphp-talk] WAS: Gmail invitation

Tim Gales tgales at tgaconnect.com
Thu Jun 17 10:00:28 EDT 2004 

 Rolan Yang writes:
> 
> Hey, if you want to check out a really hot front end for 
> webmail, give oddpost.com a try. They have a free trial now.
> 

Okay I tried going over there.

I got thrown four or five cookies 
(I didn't really count them -- 
 it just seemed I had to answer no
  many time to an IE privacy alert msg box)

One of the cookies wouldn't say what it 
was going to use the cookie info for -- 
you know, no privacy policy information.

One cookie did say what its information 
was going to be used for. It was from hitbox. 
(of course very few times, if ever, does anyone  
take the time and to try actually check and see if people 
are 'living up' to what they promise in terms of 
their privacy policy anyway so maybe the point is 
moot)

Hitbox cookies have a pretty big 'clot factor' 
('clot factor' is a measure of how much something 
gums up a machine running windows by adding registry entries, 
files, and directories -- basically gunk)

I didn't check all the cookies to see which ones were 
coming from hitbox (there are about a half a dozen or 
so possible cookies they might send),
I just said no to any more cookies.

Of course I could remove this gunk (or clot) later 
when my browser starts to clog and bog down. 

Then I got a 'friendly' message box informing me 
that outpost couldn't function properly with the 
way my browser settings were configured.

And it gave me step by step instructions on how 
to hand over root privileges to them -- people 
I don't know.

( I know I could log in as a lesser privileged 
user to XP for browsing -- but who has the time for 
that?)

Actually there are some rather nasty exploits 
(which are published nevertheless) available to 
malicious intruders of your machine via 
Internet Explorer -- which Microsoft knows about.
(I think there is an SP2 patch ready or near 
ready from Microsoft to combat the security holes)

The point is you might want to refrain from 
running active-x controls until you get the 
new patch.

Apologies in advance -- I know this is not 
a windows list. Still the advice to not 
run active-x controls probably will be of 
value to many on this list.


T. Gales & Associates
'Helping People Connect with Technology'

http://www.tgaconnect.com

More information about the talk mailing list