|
Honeypots
mailing list archives
Re: How do web beacons work?
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Thu, 6 Jan 2005 17:54:54 +0100 (CET)
On Thu, 6 Jan 2005, Lance Spitzner wrote:
Okay, what exactly is a web beacon?
Looks like an euphemism made up by PR drones. It appears to be a classic
privacy-invading web bug. Kudos to them; the word "beacon" sounds great -
so reassuring and harmless; and so similar to another great word, "bacon".
Yahoo! describes two uses of this web bacon thingy:
1) Web bug in a HTML mail - when the file is requested, it would appear
that you just opened (and read) a mail we sent you earlier. Can be
used to verify addresses used for spamming, or just shamelessly
track users.
You know, as in:
<IMG SRC="http://lcamtuf.coredump.cx/lance_just_read_this_mail.jpg";
HEIGHT=1 WIDTH=1>
2) Third-party domain bug (or banner or whatnot) on a HTML page.
A banner from the same supplier placed on various sites can be used,
through cookies, to track your activity across domains (checking
Referer or unique names in banner URI).
See http://www.allaboutcookies.org/faqs/beacons.html and so on.
--
------------------------- bash$ :(){ :|:&};: --
Michal Zalewski * [http://lcamtuf.coredump.cx]
Did you know that clones never use mirrors?
--------------------------- 2005-01-06 17:41 --
http://lcamtuf.coredump.cx/photo/current/
 By Date 
By Thread
Current thread:
|
Intro
![http://lcamtuf.coredump.cx/lance_just_read_this_mail.jpg"](http://lcamtuf.coredump.cx/lance_just_read_this_mail.jpg"){kind=link}