Linux Today: Linux News On Internet Time.

NY Times: A New Trick Gives Snoops Easy Access to E-Mail

Feb 05, 2001, 19:01 (5 Talkback[s])
(Other stories by Amy Harmon)

"For those still harboring the illusion that e-mail exchanges are private, a watchdog group has uncovered a new trick that enables someone to essentially bug an e-mail message so that the spy would be privy to any comments that a recipient might add as the message is forwarded to others or sent back and forth."

"The maneuver does not take advantage of any security flaw in e-mail software. It is simply one feature of a fancier and increasingly common form of e-mail known as HTML mail, which enables users to send and receive e-mail messages that look and act like a Web page."

"With the spying technique, a few lines of a programming language called JavaScript, often used on Web sites to create pop-up windows and navigational aids, can be embedded in such a message. This implant, not visible to the recipient, enables the text to be secretly returned to its original sender every time it is forwarded to another recipient, as long as the recipients' e-mail programs are set up to read JavaScript."

Complete Story

Related Stories: