I have a question in reference to specific software that is being used in a vendor security forum, which looks to me as a way of spying on members, by collecting there IP Addresses, etc, when they click on a thread. The name of the programs that two members are using in the forum I am talking about are: BrowserSpy and the other is from a web site known as Dynasig. Using this type of program, will show the person's IP Address when they click on the thread link, but only they can see their IP Address, is that correct? What about the vendors who made these two programs would they be able to collect your IP Address and use it in anyway they feel like it? Perhaps for Spammers or ID Theft? Very concerned!

Hi Berge01
Unless you're using some sort of anonymising proxy every website you visit can see your ip address, so not sure what your concern is.

Those tools and much discussion about them is contained in the following thread:

http://www.wilderssecurity.com/showthread.php?t=12527

But, be aware that there are active links to a couple of those gimmick images in that thread, so, you will see your IP and other system info when viewing that thread.

My take on these are that they are not that big a deal. For the most part, they are gimmicks meant to shock people by showing their info back to them.

{QUOTE-> What about the vendors who made these two programs would they be able to collect your IP Address and use it in anyway they feel like it? Perhaps for Spammers or ID Theft? Very concerned! <-QUOTE}I really wouldn't be quite that concerned by these. Yes, the sites linked that provide those images can "see" your IP address and the other info your browser passes freely. But, that is no different then any site linked in-line in a forum or other webpage... For example, every time someone uses imageshack to display images inline in a forum thread, Image Shack sees all the same information about you since you are pulling the images from their webserver. These IP display images are really no different then that.

{QUOTE-> Those tools and much discussion about them is contained in the following thread:

http://www.wilderssecurity.com/showthread.php?t=12527

But, be aware that there are active links to a couple of those gimmick images in that thread, so, you will see your IP and other system info when viewing that thread.

My take on these are that they are not that big a deal. For the most part, they are gimmicks meant to shock people by showing their info back to them.

I really wouldn't be quite that concerned by these. Yes, the sites linked that provide those images can "see" your IP address and the other info your browser passes freely. But, that is no different then any site linked in-line in a forum or other webpage... For example, every time someone uses imageshack to display images inline in a forum thread, Image Shack sees all the same information about you since you are pulling the images from their webserver. These IP display images are really no different then that. <-QUOTE}

Hi LowWaterMark:

This is privacy concern for me even with the great explanation above on what happens and how it works and how common it is.

As I understand it, the OP said these individuals are using certain programs in some forum and can see his IP and what ever else is sent via a browser?

If say someone on our forum was doing that would that not be harvesting id's addresses, subjects viewed and in violation of Wilder's ToS? I just don't get it that it isn't that important? :-[

If this is in the link you provided I apologize but I'm out of time now and will look more into this later.

Berge01, where do these 2 programs execute on the vendor forum server or where? Surley it wouldn't have got onto your PC?

"BrowserSpy and the other is from a web site known as Dynasig," whats the facts on these things? How do I get rid of them? Are they on my PC?

{QUOTE-> "BrowserSpy and the other is from a web site known as Dynasig," whats the facts on these things? How do I get rid of them? Are they on my PC? <-QUOTE}{QUOTE-> If this is in the link you provided I apologize but I'm out of time now and will look more into this later. <-QUOTE}I'm sorry, but in this case, you really do need to read the thread I linked to before you start worrying. That's why I replied to this thread with that link. These objects are discussed there in detail.

Hi LowWaterMark:

Thanks! I took the link and read your 2003 post. Is this post a bottom line current view still? Anything you would change now? lot's of new threat types since then!

Your point on trust is under discussion now in other threads.

Maybe it would be better to find a single proxy server to trust.
Rather than worry about the dozens of unknown servers that our applications connect with?

Like every body I have to trust my ISP but would the proxy server be between a user setup and their ISP or on the other side? Sorry again for the learner question. :-[ I'm kind of thinking of the proxy like a router but maybe that is incorrect!:-\

{QUOTE->
Ah yes, I've seen that BrowserSpy page before... Nice addition, thanks Amerk! 8)

All these pages, whether we're talking about the lengthy and detailed tabular informational pages like BrowserSpy, or these little graphical gimmicks, do what they do simply by displaying the information contained in a simple set of variables that most browsers support and provide freely to the web servers they contact.

Of course, as might be expected, Internet Explorer provides more information than most other browsers, if you don't secure it beyond the defaults. ;)

In any case, it's good for people to realize that their browsers have this information available and that these are not hacker tricks or exploits on their systems. It's all a part of normal World Wide Web use. There are some tools and services available to suppress or redirect some of this information, but people need to decide for themselves if it's worth doing.

What can you do?

You can not block your IP address, or its reverse DNS based host name (if your ISP supports this function), simply by running local software on your PC. Your IP address is part of every data packet sent from or to your PC, and it must be known to the sites and servers you connect to if you expect to get any data packets, webpages, email messages, etc. sent back to you.

You see, your IP address is your end of a two way communication link. If you don't give the other site or server you communicate with your address, it can not reply to your connection. Period.

Now, the only way to keep your IP address secret from a particular site you visit is to trust some other third party site to proxy your connection for you. If you use a good anonymous proxy server, and have it relay all your communications on your behalf, then a specific site you visit (through that proxy) will think your PC is at the IP address of the proxy server and not your real public IP address.

Sounds good right? Well, guess what this involves... First, you must trust the proxy server site if you are going to do this. Since they must send back to your system all packets they are proxying for you, they must know your IP address. (Okay, so why exactly should we trust the proxy site instead of some other site we are visiting?) Secondly, good, stable, well-performing and free anonymous proxy sites are not easy to find. There are some pay services you could subscribe to if you are really concerned about this.

Want to know more about anonymous proxy servers, just search for that term at Google (http://www.google.com). Also, here is an old thread here at Wilders about proxy usage (http://www.wilderssecurity.com/showthread.php?t=3582).

As for the other displayed information; i.e. your browser type, operating system, and other variables not seen above like referring webpage, etc.; well there are many privacy & security tools that will filter a lot of this information for you. Local proxy tools like Proxo or AdSubtract Pro, and many of the current personal software firewalls, will block several of these data elements. Again, if you really think these are necessary, search the Privacy forums here or on Google for local proxy and filtering tools.

As to what I think, well, I use Internet Explorer v6.0 on Windows XP Home, and I do not use a remote proxy server or any local filtering applications. My browser, OS, referrer, IP address, etc. all flow freely like most web users, and I don't really think it's worth worrying about.

But, people's opinions will vary on this. ;)" <-QUOTE}

{QUOTE-> Hi LowWaterMark:

This is privacy concern for me even with the great explanation above on what happens and how it works and how common it is.

As I understand it, the OP said these individuals are using certain programs in some forum and can see his IP and what ever else is sent via a browser?

If say someone on our forum was doing that would that not be harvesting id's addresses, subjects viewed and in violation of Wilder's ToS? I just don't get it that it isn't that important? :-[

If this is in the link you provided I apologize but I'm out of time now and will look more into this later.

Berge01, where do these 2 programs execute on the vendor forum server or where? Surley it wouldn't have got onto your PC?

"BrowserSpy and the other is from a web site known as Dynasig," whats the facts on these things? How do I get rid of them? Are they on my PC? <-QUOTE}

YES, both are in the Signature of every thread they post. If I can have permission from any Moderator or Administrator here to post a couple of threads to show you exactly what I am referring to. But until I get permission, as I don't want to be in Violation of ToS Guidelines.

Quote from Berge01, "YES, both are in the Signature of every thread they post. If I can have permission from any Moderator or Administrator here to post a couple of threads to show you exactly what I am referring to. But until I get permission, as I don't want to be in Violation of ToS Guidelines."

berge01, once again I'm :-[ . Who is the "they" is your last post? I have a silly signature Disney guy. Am I creating a threat myself and don't know it? :-\

Can you provide the steps whereby harvesting of this could work, what signatures have these IP revealer's in them?

Surley we should avoid using them ourselves and block users who use them even not knowing they do it? ???

Straighten me out here please before paranoia takes over my life!

I think you are wise to wait for LowWaterMark before answering in case of ToS issues.

{QUOTE-> Quote from Berge01, "YES, both are in the Signature of every thread they post. If I can have permission from any Moderator or Administrator here to post a couple of threads to show you exactly what I am referring to. But until I get permission, as I don't want to be in Violation of ToS Guidelines."

berge01, once again I'm :-[ . Who is the "they" is your last post? I have a silly signature Disney guy. Am I creating a threat myself and don't know it? :-\

Can you provide the steps whereby harvesting of this could work, what signatures have these IP revealer's in them?

Surley we should avoid using them ourselves and block users who use them even not knowing they do it? ???

Straighten me out here please before paranoia takes over my life!

I think you are wise to wait for LowWaterMark before answering in case of ToS issues. <-QUOTE}

I am referring to a regular helper member and a Guru that have these two sites in their signature at the Forum where they help members with their firewall questions. Once again, to make it clear to you, until I get permission from a Moderator or Administrator from this forum, then I will state the name of this forum I am referring to, and will post some links that everyone will see what I am talking about.

{QUOTE-> I am referring to a regular helper member and a Guru that have these two sites in their signature at the Forum where they help members with their firewall questions. Once again, to make it clear to you, until I get permission from a Moderator or Administrator from this forum, then I will state the name of this forum I am referring to, and will post some links that everyone will see what I am talking about. <-QUOTE}Berge01,

How other forums conduct themselves is really outside the scope of a public thread here. However, PM me with details and we can discuss offline for the present.

Blue

I'm sure on my travels I have seen similar, least ways I have sen people use something in a sig that displays your ip address and the tyype of browser you are using, or in Opera's case the type if browser it says it is, I don't think these things pose any threat to anyone, most people are on a dynamic ip anyway so in a few days they will have changed

{QUOTE-> Thanks! I took the link and read your 2003 post. Is this post a bottom line current view still? Anything you would change now? lot's of new threat types since then! <-QUOTE}The sites that are setup to this purpose all work the same way they always have, so the posts there are still relevent today. Keep in mind that these are not malware threats, and they don't install on your computer or anything like that.

These objects simply display to you the information that your browser freely sends to all websites that you connect to, including this forum. The same information, (ie. your IP address, User Agent, referrer, etc.) is sent to every wesbite you browse or display images from, the only difference is that these special objects, (like the danasoft characters (live link) (http://www.danasoft.com/vipersig.jpg)), in the linked thread above), actually show you your information when you view them.

These objects can actually be educational, as many people do not realize that their browsers and systems pass this kind of information. I posted in that linked thread long ago to help to demystify these kinds of things.

{QUOTE-> Maybe it would be better to find a single proxy server to trust.
Rather than worry about the dozens of unknown servers that our applications connect with? <-QUOTE}Unfortunately, as you browse around the web, you will find all kinds of cross linking of content from one site to another. As I mentioned above, large numbers of people use Image Shack for hosting screen shots on forums. If you display those images then you are connecting to Image Shack's servers, and they see all this same information about you. Yet, most people are not worried about that. I'm certainly not.

{QUOTE-> Like every body I have to trust my ISP but would the proxy server be between a user setup and their ISP or on the other side? Sorry again for the learner question. :-[ I'm kind of thinking of the proxy like a router but maybe that is incorrect!:-\ <-QUOTE}If you want to keep your IP address a secret, then you need to look into anonymous proxies. There are a lot of threads about TOR and JAP, and other services, in the Privacy Software section here. As for User Agent and Referrer, well, you guys who use ZAP can block those I believe with their Privacy features. Other firewalls and privacy software also have features like that.

By the way, if you don't want those images to display, they are easy to stop with your firewall. When viewing one of those images that displays your data, right click it, find the website it comes from, and simply add that domain (or get its IP address(es)) to your blocked list in your firewall. Bang - no more IP addr image gimmicks!

Hi LowWaterMark:

Yes, these special objects are very educational as you say. It is a bit of a shock when your mouse passes over them and your own ip and ISP provider are displayed.

But I'm wondering about 2 things:

(1) Can Wilder's members set one up in their own signatures and be within the current ToS?

(2) As you say they aren't a malware threat as they don't install on my PC but they are executable programs or components in the server I am visiting right? They have to run somewhere. They output my isp and ip so therefore they have captured or derived that information and obviously the server knows my id and psw . So, does it not follow that these externals servers allowing these special objects can harvest ip, isp, id's and psw's? That strikes me as a real privacy issue?

If the reasoning is flawed here straighten me out!

{QUOTE-> (1) Can Wilder's members set one up in their own signatures and be within the current ToS? <-QUOTE}As noted in the old, linked thread, there was no TOS violation in the signature we were discussing back then. A few people had those in their signatures around that time. Today people can't use them because of our image posting & signature policy (http://www.wilderssecurity.com/showthread.php?t=19950) which states that no images (actually IMG tags) are allowed in signatures and no unnecessary / entertainment images are allowed in posts. If someone posted one of those in a thread not specifically discussing that type of object, it would be removed as an off-topic image.

{QUOTE-> (2) As you say they aren't a malware threat as they don't install on my PC but they are executable programs or components in the server I am visiting right? <-QUOTE}Well, kind of... They run within the webserver of the site that generates the image, such as: dynasig.net, danasoft.com, auditmypc.com or any other similar site. They don't run on the server of the main site you are visiting even though that site happens to have the link to the object. (For example, if there was one in this reply, you'd see it while reading this thread, but, it would be provided from which ever remote site I linked to. It would not be running here on wilderssecurity.com.)

{QUOTE-> They have to run somewhere. They output my isp and ip so therefore they have captured or derived that information and obviously the server knows my id and psw . So, does it not follow that these externals servers allowing these special objects can harvest ip, isp, id's and psw's? That strikes me as a real privacy issue? <-QUOTE}You're mixing a few things together. First, the information they are displaying is freely available to any and all websites you visit unless you take very specific steps to block it. Every website you visit knows your IP address. They have to since that is how they communicate data back to you. ISP is simply determined from DNS using the IP address. The rest of the information comes out of the browser's user agent string which usually identifies the browser and OS versions.

As for ID and password, no, those aren't available to these remotely generated objects. Since these objects are generated on the remote website (like dynasig.net), there's no data there about your Wilders account or password. You need to understand some things about how browsers and webservers work. It would be worth doing a little research on them. Start at Wikipedia - Webserver (http://en.wikipedia.org/wiki/Webserver) and Wikipedia - Server log (http://en.wikipedia.org/wiki/Server_log). Read related links and then search for sample logs, such as this site's explanation (http://www.jafsoft.com/searchengines/log_sample.html). (Within that last link, you'll see just how much data your browser sends unless you take steps to reduce it with privacy tools and/or proxy services.)

So, the content that appears on a single webpage may actually come from many different servers, and those servers may not have any connection with each other.

If an IMG tag is used to display a remote image inline within a post here, (such as to an imageshack hosted image), that image does not come from the wilderssecurity.com server, and the wilders server doesn't even know about it. Your browser pulls the image from the remote website all on its own. The same is true with these dynasig objects. What the remote webservers can know about you, is what is shown within the informational links (like the sample log link) above. You will send your IP address, and possibly referrer and user agent, if not blocked in a privacy tool on your PC, to those remote sites. But, you won't send your wilderssecurity.com username and password to them, so, they can't display those back to you in such an image.

Thanks Low Water Mark.

I will do some more learning on this using the links you provided as a starting point.