Bug#417796: mozilla-browser: possible information exposure

Caspar Bothmer caspar-debian at cbothmer.org
Fri Apr 6 12:10:57 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mike Hommey wrote:
| OMFFSM, when I click on a link, that is logged on a remote server !
| That's my privacy being violated !

That's two different things, don't you think?

If I click on a link, I use that link as it is meant to be, to get
further information from that remote server and tell that server to give
this information to me.

If I move my mouse over a page I retrieved from the remote server I do
not expect this to send anything to the remote server while doing so.

I agree with you that in most occasions there is no intent to abuse
this.  But that's the same with all other techniques used on the net,
isn't it?


| Do you realize your claim sounds pretty ridiculous ?

I am aware that the impact is not as problematic as other leaks, that's
why I didn't set severity to a higher level.  I am also aware that some
might not see the problem, which doesn't falsify the claim itself.

BTW: could you explain OMFFSM, please?


caspar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGFjjQzpQ+GCsPNMERAlgCAJ9qSY+56C0nX1jTcuMEo/jW18hmJwCg0LdM
H3FrlIwCRfOjL7jcVJmeCYU=
=Tch6
-----END PGP SIGNATURE-----




More information about the pkg-mozilla-maintainers mailing list