Re: Can a website grab your userID or email address from javascript or any such means?
From: Bit Twister (BitTwister@localhost.localdomain)
Date: 01/05/03
- Next message: a s m x 4: "test"
- Previous message: Jan Reilink: "Re: HTTP Cookie question"
- In reply to: Ashok: "Can a website grab your userID or email address from javascript or any such means?"
- Next in thread: KMsLoverboy: "Re: Can a website grab your userID or email address from javascript or any such means?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Bit Twister <BitTwister@localhost.localdomain> Date: Sun, 05 Jan 2003 15:35:30 GMT
On 3 Jan 2003 20:13:03 -0800, Ashok wrote:
> Recently I saw some unsolicited email in my inbox whose email I never
> gave out.
> My ISP swears it does not sell address'es
Maybe they just share, not sell, it among their business partners :)
I know when @HOME was an ISP, you had to root around to find the
setting to say NO to sharing your email addy with @HOME partners.
I thought when ATTBI picked up @HOME customers, they had that option
for awhile. Have not checked the new email screen for a year or so.
Since you are a comcast customer, you might want to go back to the
email setup screen to check the account settings.
> and suggested that some sites steal email id's..
How true
> Is it possible from a broadband connection that someone can grab my
> email or userid just from the browser?
You did not post what OS and browser(s) your are using. Take a look at
http://www.guninski.com/
Check your browser setting, some will send your email addy
as password when using ftp anonymous login when your are downloading.
Have you looked on http://www.cert.org/advisories/
arbitrary/malicious code can do whatever the code wants/gets away with
Some may just snatch email addys.
Have you ever looked in your browser's cookie file.
I have setup seperate linux accounts for each activity
creditcard, ispemail, surfing, . . .
As the account logs out, the logout script, deletes files and reloads
the account with pristine files.
Last but not least, spammers have dictionary files and just
change the isp value and send it again.
Unlike Bill Unruh, I munged your email with x to help only a small
bit to keep your email addy from being in the archives.
My eamil addresses are always funky and not something easy like
uxashok_001.
That tends to indicate that uxashok_001 is the second user (uxashok)
and the second uxashok received uxashok_001 as a suggested email addy.
These are the things which the spammers, start munging to
generate email messages. Now they can try things
like uxashok.comcast.net, uxashok.attbi.com, ...
Anytime you want to pick an email address, you might want to use
http://groups.google.com/advanced_group_search to see if it is used
on Usenet.
I looked up uxashok and did not find any usage, so far.
- Next message: a s m x 4: "test"
- Previous message: Jan Reilink: "Re: HTTP Cookie question"
- In reply to: Ashok: "Can a website grab your userID or email address from javascript or any such means?"
- Next in thread: KMsLoverboy: "Re: Can a website grab your userID or email address from javascript or any such means?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
