Service Tracks When E-mail Is Read, How Long and Where
An Internet service is about to test the frontiers of e-mail privacy.
DidTheyReadIt.com, which will launch Monday, allows anyone to secretly track e-mails they send. You'll see whether someone opens your e-mail, how long the recipient keeps it open -- even where geographically the recipient is reading it.
Anyone know how they're doing this? Embedded web bugs or javascripts? This works with all clients, but what about text-only readers? I'm curious, and yet a little firghtened by this. I'm starting to feel like I need to put that tin foil hat back on...
One of my favorite things about Google was that it was “just search“. I despise the scumware that infests computers, since I'm one of those people who spends a considerable amount of time removing it from friends' and family computers. But is this really Google's place? I'm not such a big fan of leveraging one's status for social engineering.
Google defines good manners for adware
In an attempt to cut down on misbehaving adware and spyware, Google has released a set of suggested principles for software makers to follow when writing programs that embed themselves on Internet users' PCs.
But here's an interesting tidbit in the article:
In a sense, Google's move is a defensive, self-regulatory measure aimed at encouraging the mainstream software industry to find a way to make spyware and adware acceptable.
Could it be, then, that Google is not engineering, but is rather looking at distribution partnerships or potential acquisitions of the companies that make their adware palatable to the general public? Is Claria's GAIN the next AdWords outlet? Is this a serious profit motive cloaked in some warm and cuddly “looking out for the general public” banter?
For all the crap MS takes over their security holes (much of it justified), I don't remember one this bad. This is a serious flaw.
Mac Hole Has Users, Hackers Abuzz
The security hole stems from the way Mac OS X handles a pair of commonly used protocols: Help and Disk. When either protocol is invoked by a Web link, browsers launch the Help Viewer program or automatically mount a disk image.
Trouble is, the Help Viewer is set up to automatically run scripts. A Web link invokes the Help Viewer, which runs a script, executing a Unix command. A good example can be found here: Richard Bronosky's script (Mac OS X systems only) invokes Unix's "du" command, which harmlessly reports the contents of a hard drive in the Terminal Window. The script is easily adapted to erase the Home folder.
Microsoft Plots Windows Server Road Map
From an interview with Bob Muglia, MS VP of Windows Server Division:
Thus, Microsoft's Windows Server development strategy boils down to the following simple structure: The company will issue major Windows Server upgrades every 4 years, interspersed by minor Windows Server upgrades every 2 years. The first of these minor updates, code-named Windows 2003 Server R2 (for "release 2"), will ship in mid-2005. Then, the next major Windows Server release, Windows Server Longhorn, will ship in 2007 (about 6 to 12 months after the Longhorn client). A Longhorn Server update will ship in 2009, and we can expect Blackcomb Server in 2011.