Ben Rose brought up a subject that should be a reminder for all of us, referrers from places we don't want other people to know about.
Let's say that you use some kind of web based e-mail system (Yahoo mail, Gmail, iNotes, ...). Let's also say that you receive a link to somewhere in your e-mail. You click on the link and it opens up in your web browser. What information does the web browser send to the web server on the other end? Among other things it sends the address of the web page you came from, the web page where you clicked on the link, in this case, your e-mail. If you are using iNotes the link could look something like this:
http:/mail.mydomain.com/mail/filename.nsf/($inbox)/E7BF7364522C76CCC12570FB001A2F9F/?opendocument
I left out one / on purpose.
So what does this tell us about the user? First of all, browsing to the webserver, we can find out the company or organization of the server. We can also guess the domain part of the e-mail addresses used from mydomain.com.
Then there is the filename.nsf part. Knowing how Domino works, we can assume that the filename is actually made up of the first initial of the first name, and the seven first characters of the last name of the user. This way we can actually start to guess the rest of the e-mail address.
So consider that you are not anonymous when browsing the web, and start copying the link from the mail, and pasting it into a new browser window instead, so that the browser doesn't have a referring web page to report to the web server.
Now, some people might not think that this is a big deal, while other think that it is a major problem. I'm probably somewhere in the middle myself, but if you really care about privacy, you need to consider it.
Excellent reading!2006-09-18 12:26
-