Re: javascript Security... the official word

["anx.scan" <anx.scan@ix8.ix.netcom.com>]

Hello...

can someone please post the java script code for capturing a viewer's 
email address and the page they linked from?  The rest of the flaws 
will probably be out... but hopefully these two options will stay, 
for they are useful and not really a privacy issue.

thanks


> >"THE WORLD WIDE WEB SECURITY FAQ (Version 1.2.0, February 28 1996)"
> >by Lincoln D. Stein <lstein@genome.wi.mit.edu>
> >- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> >
> >   You should be extremely concerned about JavaScript, an integral part
> >   of Netscape Navigator 2.0. It allows many types of private information
> >   to be included in data submitted to remote sites by fill-out forms,
> >   without the consent, or even the knowledge of the user. For example, a
> >   recently published script showed how a JavaScript page could grab a
> >   user's e-mail address from Netscape's preferences dialog and send it
> >  user's e-mail address from Netscape's preferences dialog and send it
> >   across the Internet.
> 
> I do not understand where being able to grab a user/visitor's email address is a
> breach of privacy or a worry.   Actually I find it pretty darn useful... If
> someone visits a site they DO leave a bunch of logs all over the place and they
> could evenrutally be traced to a singular individual without that much work..
__________________________________
For the love of simplicity in admiration of complexity,
A n x . s c a n

anxscan@basementindustry.org
fax: 1.708.369.6510

Try This: t h e  b a s e m e n t  i n d u s t r y
http://www.basementindustry.org
--------------------------------------------------------------------
For help about the list, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.
List archives and pointer to FAQ: http://www.obscure.org/javascript/