Bug#417796: mozilla-browser: possible information exposure

Caspar Bothmer caspar-debian at cbothmer.org
Fri Apr 6 12:10:57 UTC 2007

Hash: SHA1

Mike Hommey wrote:
| OMFFSM, when I click on a link, that is logged on a remote server !
| That's my privacy being violated !

That's two different things, don't you think?

If I click on a link, I use that link as it is meant to be, to get
further information from that remote server and tell that server to give
this information to me.

If I move my mouse over a page I retrieved from the remote server I do
not expect this to send anything to the remote server while doing so.

I agree with you that in most occasions there is no intent to abuse
this.  But that's the same with all other techniques used on the net,
isn't it?

| Do you realize your claim sounds pretty ridiculous ?

I am aware that the impact is not as problematic as other leaks, that's
why I didn't set severity to a higher level.  I am also aware that some
might not see the problem, which doesn't falsify the claim itself.

BTW: could you explain OMFFSM, please?

Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the pkg-mozilla-maintainers mailing list