The problem is, they state that this may not be limited to IE/Outlook (Express):
NOTE: Using an alternate web browser may not mitigate this vulnerability. It may be possible for a web browser other than IE on a Windows system to invoke IE to handle ITS protocol URLs.
Another instance where unbundling and removing IE from a system would be beneficial...
pressing [f3] in windows or outlook (shudder) and asking it to search is exactly the same.
I can search through my entire filesystem/mails for data.
Infact, doesnt windows (2000/xp) index your files by default?
Is this also illegal?
As I recall from the article, the complaint is not with the searching, but with the residual data which remains on the server after closing the account or delting a mail.
When I delete a file from my desktop, it leaves residual information - I can at a later date go and attempt to recover it if I need to.
Exactly the same thing happens every day, and with much more information - Used computers given a quick format (at best, sometimes even just a new user account) are passed around and nobody bats an eyelid.
I smell a big fat MSN or Yahoo sized rat at the root of this complaint.
isnt this EXACTLY the same as deleting a file from your desktop?
Doesnt the operating system simply remove its header from the link chain (or whatever fancy filesystem scheme is in place).
I'm sure the general slashdot crowd wouldn't have too much trouble recovering deleted data from a drive.
This whole google privacy issue feels like a jealous smear campaign by the other major mail providers - who are just as susceptable to the same issues.
They are indexing YOUR emails to target adverts to YOU. Also remember, that they are using this information to allow searching for stuff inside your own emails.
There wont be a random flag on google.com's front page to allow searching someone elses email
I wont get targeted adverts for content stored in YOUR email.
Or could you.......
Your search within "billgates@gmail.com" for - "Linux installation" - did not match any documents.
Suggestions:
- Make sure all words are spelled correctly. - Try different keywords. - Try more general keywords. - Try hijacking another email address.
And at the same time in one foul sweep, google could practically wipe out attachment virii.
If the md5 of every attachment was stored linking back to the single copy of the attachment, it is a simple routine step to assume that once this attachment is identified as a Virus or Spam, that it will be removed and become unavailable for everybody worldwide.
I have queried this since my days in college - watching the Exchange server practically explode as it copied thousands of Melissa (mightv been lovebug) copies.
Why oh why doesnt the method I have proposed get used. Surely there is some big complex reason that I'm totally overlooking.
It will simply index your entire mailbox, incoming or outgoing.
I don't see a problem with this - PROVIDING - it is secure enough and private enough that only I get to see the results of that.
I can quite honestly see it replacing bookmarks in my regular work.
Currently, whenever I find something interesting at work, I mail the link to my home account.
Now, if while google is searching the web, it started using MY personal preferences and keywords to build up a much more tuned result list, things could start to get very interesting.
Without the wealth of information that your emails provide, it cannot even begin to store YOUR profile properly.
A cookie can only do so much; a 1GB gMail folder could be just what google needs.
I dont think we are gonna get screwed over - the adverts on slash don't bother me so much - its a site I go on every day, and if they want to *try* and sell me something, then fine.
I run with flash disabled and animations disabled (gifs are static), but I havent gone as far as disabling them entirely wherever I go (I treat the web like paper media, and dont have adverts jumping out at me whilst reading a book, or newspaper).
I'm more interested in what the data is going to be used for than how to stop them knowing.
Geolocation via IP requires lookups from a database/server, and is possibly costly for large numbers of transactions. This could provide enough of a break to identify timezone location.
This would be especially handy if they were looking at additional servers in europe for instance. I know there was a big fuss when they moved across the states - maybe this is another expansion.
The policies you setup at your gateway are under your own control, but I personally think this is nothing to worry about, and may actually benefit us in the coming months.
Of course I could be wrong and its all in preperation for some slashdot/microsoft partnership - heck - now that WOULD be a decent April fools joke
I started to notice them at about the same time my posting page started to go a bit screwy.
Something else, the URL includes parameters - things really arent what they seem.
The parameter passed is (with java enabled) the time on my computer. Without java, a seemingly random constant parameter (changing with each refresh, so most likely server time) is posted.
So - the people at slash want to know what time we are reading the pages - their server timestamping just isn't good enough.
I could summise that they wanted to know this information to plan the best times for posting stories, or targeting adverts?
As far as I can see, its a pretty rudimentary, though extremely clever way of geolocating their consumers.
They could change the ad-rotation to show English ads at a time when the majority of americans are sleeping (or vice versa).
Based on the timestamp, they can estimate who is browsing from work, and who is at home (based on "normal" working hours).
So your telling me that md5'ing every attachment and using the hash wouldnt work?
Though I do see your point, its at least feasible.
On a slightly related idea, Yahoo offer an "Office attachments" page, updated weekly with all the stuff that goes around emails - I've started pointing people there instead of sending the files themselves. Its much better than filling peoples accounts.
What makes you think that google will not just store the 1st copy of the attachment, and point everybody else to that?
Since everything is fully indexed, it should be pretty easy to do something similar - even exclude virus files simply and easily with one quick stroke.
Somebody just came up with a suggestion further up regarding this history thing, but I feel it would be better suited to Bookmarks.
The longer you spend on the page, the more vibrant the colours get - ie new pages start off black and white and progress to color.
I think windows already impliments a similar scheme of Hiding unused bookmarks, but once you have used it, it gets put into the list - this is impractical, cos all the bookmarks have been used at some point or other.
Also, setting up a few categories (not folders) for my links would help - allowing me to keep all my work stuff away from my code and away from the news sites etc. When I know im looking for news I can simply find them all.
These arent new ideas, but our absolutely right, the implimentation of current ones is lacking.
I tend to want to quickly bookmark what I'm reading at that moment, and to that end have page after page of links - usually all clustered together based on the subject I'm investigating.
You know - the simplest little tiny change that would help ME out would be for IExplorer to remember the last folder I saved a bookmark into (even if it was just session wide), so that I can continue dropping bookmarks in without concern about overfilling my main root branch.
Thats very interesting indeed.
I especially like the items allowed to be transfered for free by this system, though I doubt the RIAA would approve:
c. Paper, records, tapes, and other material for the production of reading matter, musical scores, or sound reproductions.
The problem is, they state that this may not be limited to IE/Outlook (Express):
NOTE: Using an alternate web browser may not mitigate this vulnerability. It may be possible for a web browser other than IE on a Windows system to invoke IE to handle ITS protocol URLs.
Another instance where unbundling and removing IE from a system would be beneficial...
Not bad, Packet data, AND a decent meal.
:D
Flame grilled pigeon tastes quite nice
pressing [f3] in windows or outlook (shudder) and asking it to search is exactly the same.
I can search through my entire filesystem/mails for data.
Infact, doesnt windows (2000/xp) index your files by default?
Is this also illegal?
As I recall from the article, the complaint is not with the searching, but with the residual data which remains on the server after closing the account or delting a mail.
When I delete a file from my desktop, it leaves residual information - I can at a later date go and attempt to recover it if I need to.
Exactly the same thing happens every day, and with much more information - Used computers given a quick format (at best, sometimes even just a new user account) are passed around and nobody bats an eyelid.
I smell a big fat MSN or Yahoo sized rat at the root of this complaint.
isnt this EXACTLY the same as deleting a file from your desktop?
Doesnt the operating system simply remove its header from the link chain (or whatever fancy filesystem scheme is in place).
I'm sure the general slashdot crowd wouldn't have too much trouble recovering deleted data from a drive.
This whole google privacy issue feels like a jealous smear campaign by the other major mail providers - who are just as susceptable to the same issues.
Thats the thing,
They arent violating your privacy.
They are indexing YOUR emails to target adverts to YOU. Also remember, that they are using this information to allow searching for stuff inside your own emails.
There wont be a random flag on google.com's front page to allow searching someone elses email
I wont get targeted adverts for content stored in YOUR email.
Or could you.......
Your search within "billgates@gmail.com" for - "Linux installation" - did not match any documents.
Suggestions:
- Make sure all words are spelled correctly.
- Try different keywords.
- Try more general keywords.
- Try hijacking another email address.
Mmmmmmmmmm
long life Cookies and milk.
*settles down for a nap under the server cabinet*
I got a note from my mum saying I don't have to do any maths today.
gMail disk device driver...
I sense a sourceforge project coming lol
format g:
WARNING, ALL DATA ON EXTREMELY-REMOVABLE DISK
DRIVE g: WILL BE LOST!
Proceed with Format (Y/N)?_
It doesnt even need major compression.
And at the same time in one foul sweep, google could practically wipe out attachment virii.
If the md5 of every attachment was stored linking back to the single copy of the attachment, it is a simple routine step to assume that once this attachment is identified as a Virus or Spam, that it will be removed and become unavailable for everybody worldwide.
I have queried this since my days in college - watching the Exchange server practically explode as it copied thousands of Melissa (mightv been lovebug) copies.
Why oh why doesnt the method I have proposed get used. Surely there is some big complex reason that I'm totally overlooking.
It will simply index your entire mailbox, incoming or outgoing.
I don't see a problem with this - PROVIDING - it is secure enough and private enough that only I get to see the results of that.
I can quite honestly see it replacing bookmarks in my regular work.
Currently, whenever I find something interesting at work, I mail the link to my home account.
Now, if while google is searching the web, it started using MY personal preferences and keywords to build up a much more tuned result list, things could start to get very interesting.
Without the wealth of information that your emails provide, it cannot even begin to store YOUR profile properly.
A cookie can only do so much; a 1GB gMail folder could be just what google needs.
lol
I dont think we are gonna get screwed over - the adverts on slash don't bother me so much - its a site I go on every day, and if they want to *try* and sell me something, then fine.
I run with flash disabled and animations disabled (gifs are static), but I havent gone as far as disabling them entirely wherever I go (I treat the web like paper media, and dont have adverts jumping out at me whilst reading a book, or newspaper).
I'm more interested in what the data is going to be used for than how to stop them knowing.
Geolocation via IP requires lookups from a database/server, and is possibly costly for large numbers of transactions. This could provide enough of a break to identify timezone location.
This would be especially handy if they were looking at additional servers in europe for instance. I know there was a big fuss when they moved across the states - maybe this is another expansion.
The policies you setup at your gateway are under your own control, but I personally think this is nothing to worry about, and may actually benefit us in the coming months.
Of course I could be wrong and its all in preperation for some slashdot/microsoft partnership - heck - now that WOULD be a decent April fools joke
I think its part of the latest updates.
I started to notice them at about the same time my posting page started to go a bit screwy.
Something else, the URL includes parameters - things really arent what they seem.
The parameter passed is (with java enabled) the time on my computer. Without java, a seemingly random constant parameter (changing with each refresh, so most likely server time) is posted.
So - the people at slash want to know what time we are reading the pages - their server timestamping just isn't good enough.
I could summise that they wanted to know this information to plan the best times for posting stories, or targeting adverts?
As far as I can see, its a pretty rudimentary, though extremely clever way of geolocating their consumers.
They could change the ad-rotation to show English ads at a time when the majority of americans are sleeping (or vice versa).
Based on the timestamp, they can estimate who is browsing from work, and who is at home (based on "normal" working hours).
Its certainly intruiging.
regarding your sig -
surely the audit simply only has to recieve a connection request. Whether or not the server sends the data is irrelivent.
it exists now....
go see - quite a shocker lol
So your telling me that md5'ing every attachment and using the hash wouldnt work?
Though I do see your point, its at least feasible.
On a slightly related idea, Yahoo offer an "Office attachments" page, updated weekly with all the stuff that goes around emails - I've started pointing people there instead of sending the files themselves. Its much better than filling peoples accounts.
What makes you think that google will not just store the 1st copy of the attachment, and point everybody else to that?
Since everything is fully indexed, it should be pretty easy to do something similar - even exclude virus files simply and easily with one quick stroke.
Somebody just came up with a suggestion further up regarding this history thing, but I feel it would be better suited to Bookmarks.
The longer you spend on the page, the more vibrant the colours get - ie new pages start off black and white and progress to color.
I think windows already impliments a similar scheme of Hiding unused bookmarks, but once you have used it, it gets put into the list - this is impractical, cos all the bookmarks have been used at some point or other.
Also, setting up a few categories (not folders) for my links would help - allowing me to keep all my work stuff away from my code and away from the news sites etc. When I know im looking for news I can simply find them all.
These arent new ideas, but our absolutely right, the implimentation of current ones is lacking.
I tend to want to quickly bookmark what I'm reading at that moment, and to that end have page after page of links - usually all clustered together based on the subject I'm investigating.
You know - the simplest little tiny change that would help ME out would be for IExplorer to remember the last folder I saved a bookmark into (even if it was just session wide), so that I can continue dropping bookmarks in without concern about overfilling my main root branch.
I'd have got away with it if it hadn't been for you pesky kids!
I do! :)
A medical wiki
Allowing diagnosis treatment charts to be followed, and a place to enter new symptoms and conditions effecting the decision.
Get the doctors insterested in a scheme and build up a huge medical database.
Peer review then sorts out the crappy answers from the useful.
not painful at all :)
It was just a quickie anyway, the punchline was more important than the accuracy
doubt it, or EV1 would be suing for breach of contract surely?
I sense a need for organ donation if she continues travelling through.
Bribing the guards 6000 rupels
Tank of petrol 190 rupels
Nice digital camera 2500 rupels
having glow in the dark hair - priceless
Damn!
Ive been ripped off, all my double sided DVDs have holes punched in the centre