Orwellian University

Discussion in 'General Distance Learning Discussions' started by Dool, Nov 8, 2005.

Loading...
  1. Dool

    Dool New Member

    I recently stumbled upon an unusual tracking device

    This varmint is an invisible graphic. Typically found in web pages, they send your IP to a server along with cookie data. As a web page is rendered, your private info is surrendered without your knowledge.

    What make this one so unusual is that it came in a MS Word doc. In other words, everytime the doc is opened, the occurence (and location) is logged at some server.

    Why am I posting this info here? The document was an exam.

    So if you are trolling Google looking for old exams and such, be mindful that you may be leaving a trail.

    I'll submit an example if anyone is interested.
     
  2. DesElms

    DesElms New Member

    Yes, please do.
     
  3. Dool

    Dool New Member

    DegreeInfo won't allow the attachment of Word docs, so I'm attaching the HTML code in a txt file.

    Just save the file as .htm and open in Word. When you do, your IP will be logged as your doc attempts to render the invisible image (1x1 pixel). Save it as a Word doc and you'll see the tracking is preserved.

    This code was found in a timed Harvard take-home exam. If I had "passed" the exam to anyone else it would have been tracked. If I had a copy of the exam prior to the testing window it would have been tracked.

    Very clever (and sneaky) way to catch cheating.

    There are many scenarios in which to use this technique.

    You have been warned.
     

    Attached Files:

  4. Dool

    Dool New Member

    The capability has been known since 2000.

    http://news.com.com/2100-1023-245160.html?legacy=cnet

    "We actually believe this is much ado about not much," Gurry said. "There is no evidence that anyone is exploiting that to potentially try and manage cookies through Word documents."

    I think this would qualify as evidence.

    "What this means basically is that if an author of a document for whatever reason cares about who is reading it, he can bug it and then monitor it," Smith said. "They can find out the IP address and host name of whoever is reading the document."


    Boy, this really frightens me. Imagine losing the ability to read anything anonymously. I wonder how long Harvard, or anyone else for that matter, has been tracking my reading habits.

    George Orwell was not sufficiently imaginative.
     
  5. DesElms

    DesElms New Member

    I opened the file as .TXT and examined the code. You're right about how it works... and, most likely, why.

    It's nothing new, though... not even in Word .DOC files. But that doesn't mean it can't still be effective.

    The fellow behind it, in this particular case, is this guy. Note that he's heavily into RFID and other potentially privacy-obliterating technologies.

    When RFID is used in things like supply chain management, it's not so bad. But, sadly, it may be used in other ways far more chilling.

    Coming from a guy like this, the "varmint" of which you write is no surprise.

    Anytime you view a web page -- any web page -- your IP address is logged. That's been true since the very beginning of the "worldwide web" part of the Internet. It was possible even before "cookies" were invented. It's nothing new.

    There is virtually no anonymity on the Internet. Every single device attatched thereto is uniquely identifed by its IP address. Server logs tells us precisely when a given IP address was used by a given device. It is relatively easy to track down the user of a given device at a given time; so, therefore, it is relatively easy to track down precisely what said user was doing with said device on the Internet... which web sites he visited, and when, etc. That's always been true.

    That said, whether anyone actually bothers to look at said server logs to try to figure out who's viewing what and when is another matter altogether. Any anonymity we have, therefore, is given to us by virtue of someone else's pretermit or neglect. But if someone ever decides they reallly want to hunt someone down, all they have to do is start caring and interrogating said server logs.

    So, I say again: There is no anonymity on the Internet... not even when using anonymizers; not even when posting as "Guest" at Military Forums. Those posts and their IP addresses are tracked; and it only takes a subpoena to get one's hands on them.

    He did the best he could, given the knowledge of the day. Given that, I think he did pretty well. His predictions are certainly coming true, are they not?
     
  6. Dool

    Dool New Member

    I had long ago come to terms with surrendering my anonymity when interacting with the internet.

    Now I must come to terms with surrendering my anonymity when not interacting with internet.

    My remaining alternative is to just unplug. But we know what happened to Winston Smith when he did that.
     
  7. DesElms

    DesElms New Member

    Oh... yes... thanks for remind me. I got so tied-up with the anonymity stuff that I forgot to talk about that in my earlier post.

    The problem goes away if you're simply not online. If you have DSL or a cable modem (or a fractional T1 or some other broadband form), you're always online whenever your computer's turned on... that is, unless you have a system tray utility that controls such things -- like a switch -- like I do on all of my machines; or unless you just, as you suggest, temporarily "unplug" your machine from the broadband connection.

    And dial-up users can just disconnect/hang-up.

    Once disconnected, by whatever means, the varmint stops being effective. So, technically, all one would have to do is get the file onto his/her hard drive, then disconnect from the Internet, and only then open it in Word (and remember to close it before reconnecting). Of course, the mere fact that one downloaded file -- even if one didn't actually open it 'til later, while the machine was offline -- would also be logged. So there's a "can't win for losin'" sort of thing going on there.

    I suppose one could go to Kinkos and download it, put it on a diskette, and then take it home and open it with the computer on which it's opened offline (not connected to the Internet). But even that Kinkos download isn't really anonymous. The session, is charged to one's credit card, and the Kinkos server logs all the activity. Match log activity and times to the session and the credit card that paid for it and, bingo, one's caught.

    I say for the third time: There is no anonymity on the Internet! Period.

    Indeed. But we're nowhere near that point yet... though if we keep electing Republicans who think the Patriot Act's okay; and who have an "If you have nothing to hide, then..." attitude, we may not be as far from it as I would like to think. I've always felt that one indicator of our being closer than my worst fears will let me believe is the uncomfortably Nazi-regime-sounding name "Homeland Security" and all the fatherland-reminiscent imagery that, for me anyway, it conjures up. Maybe fascism is closer behind me than I realize.

    To combat it, we need to keep supporting the likes of EFF and the ACLU and other such organizations that conservatives so often characterize as "nothing but a bunch of pinko punko commies" so that someone's out there fighting the good fight for as long as it's worth fighting.

    Or so it is my far-from-humble opinion.
     

Share This Page