Lists Home |
Date Index |
> Once a local user has loaded this into a web browser from behind the
> firewall, the original host site or some other remote site can easily
> determine whether some document exists on some server that would not
> normally be accessible to it.
Interesting idea. It would be easy, for example, for an adversary to
determine the system type by looking for things like /linux vs
C:\PROGRA~1. Knowing that would help them attack.