LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Javascript page bugs

Javascript page bugs

Posted Mar 31, 2005 9:13 UTC (Thu) by rwmj (subscriber, #5474)
In reply to: Differences from server logs by corbet
Parent article: Unexpected features in Acrobat 7

Actually, it's no different from Javascript page bugs, which are
routinely embedded in HTML files. Dozens of web analytics companies
(Web Trends, Urchin and Nedstat are the "big three") do this sort
of monitoring, precisely so that web page views can be tracked when
the HTML is sent by email or saved to disk.

While there are undesirable possibilities to this, in probably 99.9999%
of cases the stats are simply used for aggregate tracking for
building up marketing stats which few people in marketing even
read, let alone understand.

Rich.

(Log in to post comments)

Javascript page bugs

Posted Mar 31, 2005 16:51 UTC (Thu) by martinfick (subscriber, #4455) [Link]

"Actually, it's no different from Javascript page bugs"

You are correct, that doesn't mean that they don't suck.
Html is bad for email:
http://www.avernus.com/~gadams/essays/20020418-html-mail....

Javascript page bugs

Posted Mar 31, 2005 16:58 UTC (Thu) by rwmj (subscriber, #5474) [Link]

Sure, HTML is bad for email.

_I_ know that, and _you_ know that, but the huge majority
of the unwashed LookOut-using users send each other top-posted
HTML-encoded web pages all the time.

Marketing people want to track this. They perceive (correctly)
that their statistics will contain a systematic bias if they
are not able to track when their web pages are emailed, read
offline, saved to disk, and so on. They are probably not clueful
enough to deduce useful information from the aggregate data,
but that doesn't mean there is some conspiracy going on here.

Rich.

Javascript page bugs

Posted Apr 3, 2005 23:00 UTC (Sun) by error27 (subscriber, #8346) [Link]

Say a website has a bug in it. That's fine. They already have that info but the web bug is an easier way to sort it. It's their computer so they can do what they want.

If there is a bug in your email or PDF that's a different story. Most email clients are good and don't allow spying. I use Yahoo, Gmail and pine and all three are secure.

My computer is my property and it should only serve me. It's like Adobe is run by some kind of hippies who don't believe in property. "We'll just waltz into the house that you paid for and raid the fridge and leave flowers strewn on the carpet."

Perhaps I sound like a Republican but people like this should be thrown in jail.

Javascript page bugs

Posted Apr 12, 2005 15:35 UTC (Tue) by gvy (guest, #11981) [Link]

Pine's buggy, not secure. It could lead to even worse consequences.

As our security officer has put it, "one specially crafted message was enough reason for me to drop Pine". He's using Mutt now, me too (for being programmable, but that's another matter).

Telling they're insecure doesn't make us more secure per se... even if it's not exactly technical security.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds