Files exposed to Website !!

Discussion in 'privacy problems' started by eyespy, May 5, 2002.

Thread Status:
Not open for further replies.
  1. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
        I was surfin' around the net today, looking at different "utility cleaners and wipers" ! ( I'm still looking for that "elusive" log file cleaner)
     Anyway I come across this site ....Evidence Killer  
    http://securedisk.netfirms.com/defaultek.htm
     Click on "test it"
    This website showed on the screen the contents and folders of MY hard disk !!!  What a "rude awakening" !!
    I have File and Printer sharing disabled, always have, so how are these "snoops" getting in ? Don't know if these web sites are helping us or hurting us !!
    I'm also running SPF 5.
    There has to be way to stop this !!

     Open for all/any suggestions !!

                      regards all,
                                       Bill  :mad:  :mad:  :mad:
     
  2. FanJ

    FanJ Guest

    Hi,

    I saw that you need Javascript enabled, and I have to admit that, unless I know much more about that company and site, I'm not willing to do that.

    However, I remember vaguely that there have been somewhere some web-site that in some way also was able to show you the content of you harddisk, but in fact they only give your OS locally the command to do so; so, it was only some kind of a trick.
    Sorry, I don't remember all the details of it.
    And I'm also not saying that this website, that you mentioned, did the same kind of thing.

    So, probably this reply of me doesn't have much value....
     
  3. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Well  FanJ,                                                                              it showed  the folders in my C drive, but not the contents of those folders.
    I understand they are trying to prove a point and sell their product. But their product will eliminate Dat. files and such, and it would not protect you from exactly what happened to me !! Peeping at my Hard disk !! Damn !!
              bill  :mad: :mad:
     
  4. FanJ

    FanJ Guest

    Hi,

    I don't know much of that company....

    Maybe you could also have a look at programs like IEClean (or NSClean for Netscape) and Window Washer. I have both, and I'm very satisfied with them.
     
  5. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Hi Bill!

    There have been rumours that EVIDENCE KILLER is, in fact, associated with EVIDENCE ELIMINATOR. You want to stay away from BOTH!!!!!  They are both marketed in a very similar way using scare tactics that are silly and infuriating at the same time.

    To put your mind to rest over what you saw on their site; I can assure you that your hard drive information was not passed on to anybody anywhere except on your own monitor. It's an old Javascript trick that simply allows YOU to see the contents of your drive. The code is simple. I went to Evidence Killer's site and grabbed it from the "view source" for you so you won't worry about this. Pay attention to what I have bolded - it's just a local ref to your own drive:

    <script language="javascript">
    if (navigator.appName=="Netscape" && navigator.appVersion.split(".")[0]==4)
    {
    document.write("");
    }
    else
    {
    document.write("Your hard drive.");
    document.write("<p align='left'><iframe src='file:///C:/' height=400 width=600 marginwidth=0 marginheight=0 scrolling=no frameborder=0 vspace=2></iframe></p>");
    }
    </script>

    You're OK, Bill. Nothing to worry about. Seriously though, if I were you EE and EK are two programs to stay away from. (For one thing just look at how EK is trying to trick people and panic them with that scripting trick!) I agree with Jan completely - try IEClean or Window Washer. They are both good products from quality companies.

    Have a good week!
    John
     
  6. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I'm on total agreement with the above.  It's an old JavaScript trick to worry people into buying garbage, tactics which reputable companies would never use.
     
  7. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Thanks for the info guys !!
                    I was more than a little concerned when I saw THAT site playing tricks on me !!
      Needless to say...I won't consider that companie's software !  
    I thought about how they did that for a few days, and couldn't figure it out !!
     Thanks again !!

           Relieved......bill   :p
     
  8. Mike_Healan

    Mike_Healan Registered Member

    Joined:
    Mar 6, 2002
    Posts:
    302
    Location:
    USA
    Actually, you don't even really need javascript.
    Click here

    Code:
    [url=file:///c:\windows\temporary internet files\]Click here[/url]
     
  9. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I remember an older warning, in a MS security bulletin, forgot which and the name of that exploit, which still showed up with the patch, btw. With putting all java and ActiveX on "prompt" and not allow nothing of that on unknown sites they were not able to do the same trick.
     
Loading...
Thread Status:
Not open for further replies.