back to article Internet Explorer tracks cursor even when minimised

A security researcher has published yet another reason not to use Internet Explorer for anything, under any circumstances: it can track your mouse cursor movements, even when it’s minimised. Affecting all versions newer than IE 6.0, and with no plans for a fix by Microsoft, the bug is demonstrated here (not being an IE user, …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Which ad analytics companies?

    Would be nice to know

    1. dssf

      Re: Which ad analytics companies?

      WHICH anal lit licks company? Well, start with faecebook. Does not fb count nowadays as an analytics tool? Even as an aggregator?

      1. Anonymous Coward
        Anonymous Coward

        Re: Which ad analytics companies?

        " anal lit licks"?

        Are you 6 years old?

      2. Jordan Davenport

        Re: Which ad analytics companies?

        @dssf: Thank you for your valuable post. I appreciate the time you took to research the subject and comprehensively answer the question posed in the original post. I now know precisely which advertising analytics companies to block in order to mitigate the risk at work. Again, thank you.

    2. Nanners

      Re: Which ad analytics companies?

      If you used mozilla you could use ghostery. But then, that would defeat he question.

      1. Mark Allen

        Re: Which ad analytics companies?

        Ghostery works on all browsers. Not just Firefox. I currently have it installed here on Opera. Can be interesting to see how many tracking items appear on some sites!!

        (I also block advertiser's domains at the DNS level in my router... a much nicer internet experience all round....)

        1. Nanners

          Re: Which ad analytics companies?

          I did not know that.

        2. Anonymous Coward
          Anonymous Coward

          Re: Which ad analytics companies?

          "block advertiser's domains at the DNS level "

          I tried that while back (via a hosts file), but found pages took AGES longer to load due to the timeouts!

          1. phuzz Silver badge
            Alert

            Re: Which ad analytics companies?

            ""block advertiser's domains at the DNS level "

            I tried that while back (via a hosts file), but found pages took AGES longer to load due to the timeouts!"

            I suppose you could setup a small webserver that would send back a 1x1 image for every picture that was requested, or a single line of html saying <html></html> for documents etc. It would be a bit more work though.

            1. Mark Allen
              Linux

              Re: Which ad analytics companies?

              I use an old Linux router for my DNS blocking, not a hosts files, and that is fine on most sites. It also works house wide for any device in use - PCs, Phones, Tablets, etc. Yet some sites like this here El'Reg always hang for a few seconds when loading up the last part of this page in Opera. 'tis a pain.

              But a bit of patience is worth it. Some websites out there just have waaaaaay too many flashing adverts. I get amazed at the YouTube "experience" with adverts enabled.

            2. Kubla Cant

              Re: Which ad analytics companies?

              ""block advertiser's domains at the DNS level "

              Try Privoxy, a proxy server that you can use to filter out anything you don't want. IIRC, it returns a dummy document or a tiny image for requests that are filtered out, so you don't have to wait for a timeout. Because it's a proxy server, it removes the junk regardless of the browser you're using. You can filter at domain level or any other level. The only shortcoming is that you have to keep the block list up to date yourself, unlike the AdBlock list.

          2. BlueGreen

            Re: Which ad analytics companies? @AC13:29 re. hosts file sloth

            I suspect you didn't read the instructions. Some win os's can't handle large blocklists and totally crawl so you have to turn off the DNS caching service which cures that (turn it off anyway, it does no harm). Things do fly after that.

            Anyway, well done for trying, give it another go.

  2. Anonymous Coward
    Anonymous Coward

    Microsoft has always been sending stuff back to the mothership. The more worrying thing is that they seem to be lightweights in the 'reporting home' game.

  3. Anonymous Coward
    Anonymous Coward

    So, will Microsoft demand 30% for anything that is stolen? Why does Microsoft make it so easy for the criminals to get data?

  4. Anonymous Coward
    Anonymous Coward

    Oh no, this is terrible!

    No wait, hang on, I don't use IE. Carry on.

    1. yossarianuk

      Re: Oh no, this is terrible!

      Some of here don't run Windows at all.... Its not like those who do can easily get rid of IE in its entirety, with Windows8 you can turn it off, not remove it easily.

      Time and time again Microsoft leave known vulnerabilities in their software sometimes for months/years, I would simply not trust my security in the hands of the McDonalds equivalent of the software world.

      That's one of the main problems about non open source software, you are completely at the mercy of one company to fix any known bugs - Known bugs are generally fixed far faster in the opensource world.

  5. Nordrick Framelhammer

    So Micro$oft have fucked things up again

    Are any of us really surprised?

    1. Anonymous Coward
      Anonymous Coward

      Re: So Micro$oft have fucked things up again

      This hardly sounds like a mistake, this sounds deliberate even more so as they seem like they don't give a rat's arese about removing this rather unpleasant "feature"!

  6. Steven Roper
    Devil

    Oh, I love this!

    More ammo for me to strike fear into the hearts of the few die-hards I haven't yet been able to convert to Firefox or Opera from using IE.

    With this one I can be more subtle in my conversion attack: I can simply say "Look, just make sure you close all other IE windows and tabs before using your bank because of [the issue in this article]", instead of the more sledge-hammerish "Why are you still using that insecure and user-unfriendly pile of shite!?!"

    (Also, I don't want to just preach Firefox, but I don't encourage using Chrome because of Google's spying and malware-like distribution methods, nor Safari because... well, it's Apple. Which pretty much leaves Firefox and Opera as my only reasonable mainstream choices. So I recommend to a user to try both and run with the one they prefer.)

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh, I love this!

      Unfortunately Firefox has become a memory hungry, bug ridden pile of shite as of late. Shame and it hurts me to say this because it was once my favourite browser, even donated to compaigns like the NYT ad.

      Maybe on the back of Google's easy money to keep it as the default search engine they turned more into evangelists of various causes and lost track of what they should really be working on - a great browser.

      1. Anonymous Coward
        Anonymous Coward

        Re: Oh, I love this!

        I'm with you on this. I used to love Firefox. Unfortunately however over the years not only has resource usage gone up it's not entirely uncommon to see Firefox in infinite loop ("hmm why is my notebook fan suddenly going into hyper-drive when it's only my browser that's open?") and silently consume all available PRAM there is to consume.

        It's sad really. It used to be an awesome browser.

        I'd never use Opera because of their constant whining to the EU about Microsoft's "monopoly". Perhaps if they weren't charging for a browser back when everyone else was already giving them out for free they'd have less problems today.

        Chrome? I've still got this love-hate relationship with it. I've got both Chrome and IE pinned to my task bar with IE being my browser of choice (albeit with cookies and java script disabled globally with a few exceptions for sites I generally trust). I don't know... never really trusted Google I suppose when it came to the topic of "privacy".

        This little IE problem here though... that's really become the final straw for me despite my precautions. Even though I have java script disabled for all sites not within my trusted zone it's all too common for websites to be compromised these days.

        Back to Chrome it is I guess. Rather Google have my data than a bunch of hackers.

        (And yup, I'm paranoid.)

        1. Anonymous Coward
          Unhappy

          Re: Oh, I love this!

          I'd never use Opera because of their constant whining to the EU about Microsoft's "monopoly". Perhaps if they weren't charging for a browser back when everyone else was already giving them out for free they'd have less problems today.

          Well you'd probably be pretty cheesed off if you coded a product for some years as a means of earning a crust, and then a competitor ripped the rug out from you by giving away a vaguely similar product free, on the back of a monopoly in another business line.

          And arguably the reason why IE is so insecure is because nobody pays for it, and there's no commercial market for browsers - so if people don't pay, who's willing to invest in improvements? "Free" software is good because you don't pay for it up front, but you then live with the downsides for some while. Look at how sparse the market is for good email clients - they're mostly free because Outlook Express was given away "free", but there's now not much choice or innovation (even Mozilla parted ways with Thunderbird). Acrobat Reader is another example of "free" meaning "not as good as something there's a market for".

          1. yossarianuk
            Linux

            Re: Oh, I love this!

            > Acrobat Reader is another example of "free" meaning "not as good as something there's a market for"

            If you run a Linux distro the native pdf readers are infinitely better than Adobes piece if crap reader, far faster (I mean far far far faster), less memory usage, far less size file in the app and generally far less exploits than the official adobe reader.

            i.e KDE uses okular, Since running Linux I barely even hate .pdf format any more.

            p.s We can have the official adobe reader also on Linux but you would have to be messed in the head to do so.

            1. Anonymous Coward
              Anonymous Coward

              Re: Oh, I love this!

              If you run a Linux distro ...

              Which I don't. There are acceptable alternatives to Acrobat Reader running under Windows, but the point I was making was quite simply that if you destroy the economics of an established market by giving something away free, even though it cost money to produce, then it is very difficult to remake an economic market, and that harms future product development by all firms. Open Source goes some way to fill the gap, but the mixed views on Firefox illustrate that it isn't a perfect solution, and the lack of polish around all of the few Linux distros I've tried again causes me to be dubious.

              Paying for something certainly doesn't mean it is any good. But not paying for it should mean people ask why it is being given away, and what the longer term impact will be.

      2. Anonymous Coward
        Anonymous Coward

        Re: Oh, I love this!

        "Firefox has become a memory hungry, bug ridden pile of shite as of late."

        These statements always make me laugh. I have come across neither issue with Firefox and neither has anybody else I know who uses Firefox.

        It's more likely that your computer is a pile of shite.

        1. Anonymous Coward
          Anonymous Coward

          Re: Oh, I love this!

          Person A: "I got Malaria"

          Person B: "These statements always make me laugh. I have never had Malaria and neither has anybody else I know...It's more likely you had a cold"

        2. Elmer Phud

          Re: Oh, I love this!

          There have been issues in the past with Firefox chewing up memory at the same time as AVG chewing up chunks of memory to sandbox the lot.

          The 'cure' has always been the same as the old Microsoft advice - you need more memory/faster processor etc. It's your fault for having a crappy system (even though it was fine up to a couple of days ago).

          I am one of those who suffered in the past but refused to go out and get more memory to fix someone elses screw-up.

        3. Henry Wertz 1 Gold badge

          Re: Oh, I love this!

          "These statements always make me laugh. I have come across neither issue with Firefox and neither has anybody else I know who uses Firefox."

          What a numpty. Theres bug reports -- lots of them, with los of posts apeice -- and lots and lots and lots of other complaints about Firefox memory usage all over the internet. There's 3 issues really *and a solution*:

          1) some Firefox versions did have memory use bugs (leaks or excessive usage), since they've gone thorugh like 13 major versions the last couple years. This isn't actually the main prolem.

          2) People expect more out of their browser now. Opening pages with huge graphics and javascript, lots of tabs, etc., is going to use more RAM than "back in the day".

          3) TUNING. To make benchmarks look good, Firefox has ridiculous memory use defaults now! image.mem.max_decoded_image_kb is set to 512000KB, so Firefox will keep all these decoded (huge!!) images for other tabs and such in memory; javascript.options.mem.high_water_mark is set to 128MB. It turns out when Firefox is set to cache 640MB of crap in memory, it uses lots of memory 8-). I turned these WAAAAAY down (1024KB and 8MB), it DRASTICALLY reduced memory use and the only side effect is it takes a fraction of a second to re-decode the images when you switch tabs on my slowest system (and not even a noticeable delay on the others.)

          "It's more likely that your computer is a pile of shite."

          Spoken like a true Windows user -- the UNIX way is not "Oh, this app will just barely run on a high-end system so it's fine", but rather to keep improving efficiency since, you know, computers can be run multi-user and at that point it's better to not have a single app hog the whole computer.

      3. yossarianuk
        Linux

        Re: Oh, I love this!

        All the people I know who complain about Firefox's memory usage are Windows users.... Maybe its because your using a 32bit version (unlike 64bit Linux users).....

        http://arstechnica.com/information-technology/2012/11/64-bit-firefox-for-windows-should-be-prioritized-not-suspended/

        Chrome is o.k however for working with nothing beats Firefox imo, I never have issues with memory (apart from crappy Flash) with Firefox on 64bit Linux systems and haven't for at least 5 years.

        The fact that a majority of software for 64bit Windows is still32 bit is proof of the damage Microsoft's monopoly is having for technological progress - they didn't start supporting 64 bit in any serious way until 2008(ish).

        Even a lot of webserver based software is stuck with 32bit packages in the Windows world i.e PHP

        http://windows.php.net/download/#php-5.4 - only x86 packages available for Windows ... in 2012..

        God-damn Barbarians.

        1. Anonymous Coward
          Windows

          Re: Oh, I love this!

          God-damn linux fanbois.......

          1. yossarianuk

            Re: Oh, I love this!

            ... Speaking actual facts.

            If anyone has used KDE and actually wanted to use the official Adobe reader they need urgent help

      4. Paratrooping Parrot

        Re: Oh, I love this!

        I have about 150 tabs open in Firefox and I only use 450 Megabytes of RAM. So, I have no idea what has happened to your machine.

    2. Anonymous Coward
      Anonymous Coward

      Re: Oh, I love this!

      How about Chromium or SRWare Iron then?

      1. BoldMan

        Re: Oh, I love this!

        Another tumbs up for SRWare iron

    3. This post has been deleted by its author

    4. Anonymous Coward
      Anonymous Coward

      Re: Oh, I love this!

      Better advice would be to close all browser sessions, launch a new one to do your banking and then close it when you are finished regardless of which browser you are using.

      1. Wensleydale Cheese
        Go

        Re: Oh, I love this!

        "Better advice would be to close all browser sessions, launch a new one to do your banking and then close it when you are finished regardless of which browser you are using."

        My bank advises exactly that.

  7. Invidious Aardvark

    I am missing something here? Every virtual keyboard I've seen jumbles up the keys so knowing where the mouse was when I clicked is completely pointless since you still have no idea which key I clicked on.

    I'm with the first AC on this too - which ad companies are using this? It's not something you can do accidentally (unless it's google, when of course it's just a rogue engineer leaving proof of concept code in the project and they're accidentally storing all that mouse location data unwittingly, the poor dears).

    1. P. Lee

      > Every virtual keyboard I've seen jumbles up the keys

      Does this work on RT? I assume that has a virtual keyboard where the keys don't move around.

      1. El Andy

        Re: > Every virtual keyboard I've seen jumbles up the keys

        Even on RT you can have the keyboard in various different layouts so you couldn't really know with any sort of certainty which key a user might be clicking on. Nor can you know that the virtual keyboard is visible, the user might well be clicking on just about anything. I'm not overly convinced there is an actual attack vector using this.

  8. dssf

    Faecebook Next?

    Faecebook demands javascript in most cases, unles the user is willing to put up with minimally functional pages. I would not be surprised if leaving fb open all the time gives faecebook regular access to clicks and page visits above and beyond referrers in browsers do. If so, then that is a much larger problem that iexploDer

    1. dssf

      Re: Faecebook Next?

      Justify that fracking sown thumb. Explain yourself, or your vote is just thinly veiled abuse. Explain why fb should not be considered an analytics aggregator. You can't. So, you, and you hurled vote, run along, or be considered a schill.

      1. Goat Jam
        Mushroom

        Re: Faecebook Next?

        It is my considered opinion that if you are not getting downvoted by elreg commentards then you are not trying hard enough.

        "Love me or hate me, but spare me your indifference". - Libbie Fudim.

        1. Anonymous Coward
          Anonymous Coward

          @Goat Jam

          Down voted for no other reason than to balance the stats.....

          1. Goat Jam
            Pint

            Re: @Goat Jam

            Cheers for that!

        2. dssf

          Re: Faecebook Next?

          I gave. You a thumbs up, since you helped me feel a bit better about the detritus hurled at me.

          I think it IS a good idea for me to not give a damn about the rank rankings of the feeble-minded, the shills, and the rabid-fans of whomever my comments are aimed at. It just would be pretty kewl if downthumbers were algorithm-managed to prevent a$$holes from flexing their muscles too much. No down-thumbing without justification, point by point. No downthumbing with anonymity, to balance out the hit-and-run attacks. But, NO decent programmers or moderators dare invoke such a system lest they face the wrath of their commentards, who probably donate or influence in some way a huge number of forums out there.

          Sad state of affairs. But, 635 + and 652- is probably a good trend .Just this morning, I was around 637+ and 602 -, and the ms, apple, and fb shils ripped my ass from continent to continent.... To leave me INcontinent....

      2. Anonymous Coward
        Anonymous Coward

        Re: Faecebook Next?

        OK:

        "Faecebook", "Faecebook", "faecebook", "iexploDer"

        (-1, unimaginative)

        1. dssf

          Re: Faecebook Next?

          See, there's is tthe problem... Trying to "enhance" or read into someone else's (my lame) lame jokes to your own satisfaction. Why not just WRITE your own instead of being a voice killer. I wasn't trying to be imaginative. I WAS conveying displeasure with those products. Imagine if I could muster up 50 or 60 friends, or a bot farm, and just start geographically originating down mods randomly or against everything *I* was a lame joke, or a strong opinion. If I got caught, I'd be banned. If not a bot, then rank or position would spare me if I were high enough. I am not directly attacking the moderator, but I **DO** strongly feel that unfettered assailing of a fellow commentart is tantamount to bullying. Unfortunately, hardly ever is there a counterforce to clamp down at the commentard level, and then whinging to the moderator of a typical site justs elicits not much. If I designed a moderator system, it would be heuristic, and it would reward positive behaivor, not mood-killing behavior. Attack politicians, stupid corporate behavior, not a thought out missive or half-baked (but non-radioactive) joke.

          Now, I will probably incure 40-50 more hits for daring to defend myself or to appear to be "lecturing"....

          I do not think in the entire year + that I have commented on this forum that I have EVER down-modded anyone. I do not go and just randomly up-mod, either, but I do occasionally upmod. I disparage events, and lame corporate behavior, but I try not to tear down or berate fellow commentards unless I am singled out or feel singled out. Unfortunately, trying to reason with what should be reasonable people is like an ant trying to move a bulldozer.

          Sigh.

      3. Woodgar

        Re: Faecebook Next?

        Faecebook? iexploDer?

        Seriously?

      4. Anonymous Coward
        Anonymous Coward

        Re: Faecebook Next? @dssf

        Tee hee - whining about downvotes just to up your post count in hope of getting a better badge. As if word plays on product names isn't lame enough. And then you compound it with the old shill argument. And get the spelling wrong on that! "Just thinly veiled abuse" - hmm. Seems you're either a psychology student or a 12 yar old who's a patient for one :)

        1. dssf

          Re: Faecebook Next? @dssf

          GROW UP. You do not know me, and have no real need to go off on personal attacks when I didn't single you out as a person. Why do you think I need a shrink? Yes, I incorrectly spelled a word, but reasonable people go for the intent, not the minor spelling error. Disclaimer: I am guilty of occasionally making hints about a spelling error in a post, but I try to elicit humor, not negativity, since I despise bullies or those behaving as bullies.

          1. James O'Brien
            Stop

            Re: Faecebook Next? @dssf

            Down voted and survey says:

            While you may have initially started out with a valid point you, yourself, went above and beyond on the rantings about the voting here. While it may be that you make some valid points about the voting system here these points can also be looked at as this: Why make down voting (or any voting on ElReg) require a post about why the vote was posted? This basically negated the AC icon here and opens up a world of shit on those who may agree or disagree with a certain point. I'm not having it. Once you went on the attack to bitch and whine about being down voted you came across as a 12 year old having a temper tantrum. Your continued responses to this fact just serve to make you look like even more of a child.

            Who gives a shit about the ups and downs a persons particular account has? About the only thing I cared about recently was that 1000 post milestone that has taken me 5 sad years to accumulate. If you want to bitch about your totals heres something you can shoot for.

            "In total, your posts have been upvoted 847 times and downvoted 345 times."

            Read from it what you will but I see from that, that at least most of the crap I spew resonants with the local commentards and that most tend to like what I have to say. I would rather not be Barry Shitpeas where everyone hates me but loves reading the next pile of trash I spew out.

            Just my 2 cents.

        2. dssf

          Re: Faecebook Next? @dssf

          Now, i will give my first -1 JUST because you had the unctuous temerity to accuse me of going after a badge. I do NOT gie a fuck about the posting badge. I never had any say in its arrival, and i do not know how to turn it off. My posting count is well over 650, and when the badge arrived, i was over 600 or so. So, go give yourself a cold, self-aggrandizing shower.

          I rarely, if ever see people downvoted for calling facebook facefuck or other names.

          As an ac, you have the luxury of not being doenmodded every time you post. But, i do not post as ac for any reason, especially not for the purpose of criticizing anyone. And, i do not vendetra rate, either.

          So, keep the run-him-away downmods. Oming. When the management wakes up, if ever it gets around to changing hands, it might enhance the voting code go nullify malicious voding and weed out vicious downvoters. But, we shall see...

          1. James O'Brien
            Trollface

            Re: Faecebook Next? @dssf 17:25

            And yet you continue to bitch and moan about something which has worked very well for several years now. This is the last time Im feeding this troll but it does piss me off when someone is so thick headed to continue to act this way.

  9. Eddy Ito
    Facepalm

    Lovely

    So basically anyone using the accessibility on screen keyboard tool and IE is pretty much screwed when entering a password of any sort. I can see I'll be calling my aunt this evening to ask which browser she uses.

    1. ChrisC Silver badge

      Re: Lovely

      You might also want to ask her if her if she's ever moved or resized the onscreen keyboard window, and if the way she moves the mouse pointer over the window would give any clues as to which keys she's selecting. The demonstration page linked to in this article shows that IE doesn't capture mouse clicks, so the attacker would need to infer clicks from some signature behaviour in the position data. And AFAIK, IE doesn't allow a script to determine the position or size of another application window, so unless the onscreen keyboard has never been moved/resized then there's no way for the attacker to know for sure whether or not the pointer position corresponds to a position within the keyboard window, let alone which of the keys within that window it then corresponds to.

  10. J.G.Harston Silver badge

    Mouse cursor? This: -> _ is a cursor, a text input position indicator. This is a pointer.

    1. NomNomNom

      http://msdn.microsoft.com/en-us/library/system.windows.forms.cursor.aspx

    2. HAL4000
      Headmaster

      Downvote...

      ...for failing to properly deploy your pedant icon.

    3. Kubla Cant
      Headmaster

      @J.G.Harston

      Well, it's called a cursor in CSS and in such GUI APIs as I'm familiar with.

      The trouble with calling it a pointer is that "pointer" is normally used for a particular type of cursor, to distinguish it from text cursors, resize cursors, wait cursors and so forth. But you can call it whatever you like.

  11. RAMChYLD Bronze badge
    Flame

    "Although they see Redmond recapturing some market share thanks to the introduction of Windows 8 and Windows Phone 8"

    I cannot see how. Given that Windows Phone 8 is still pretty much as useful as a paperweight in many countries and Windows 8 is still getting flak over the Metro/Modern/whatever UI.

    1. Anonymous Coward
      Anonymous Coward

      Windows 8 is still getting flak

      Only on forums like this. Up to now I have seen 4 Win 8 laptops and 2 Win 8 phones brought into my office to have them connected to the wireless network (we don't give out the password) and the people who bought them have been surprisingly positive about it. I was expecting them to be asking if they could replace it with Win 7 but they don't want to.

      Small sample size of anecdotal evidence to be sure, but it seems to be popular with the people actually using it and not just slagging it off because of what they have read elsewhere

      1. Anonymous Coward
        Trollface

        Re: Windows 8 is still getting flak

        Of course it is popular with Microsoft employees!

        Or are you implying anyone else is using it by choice? And no, replacing TIFKAM with classic shell doesn't count as using windows 8.

        1. Hooksie

          Re: Windows 8 is still getting flak

          Yup. I have, as any commentard who has seen my rants will tell you, 3 machines all happily running Windows 8 and I wouldn't go back to Windows 7 if you paid me. In fact, currently at a client site using Windows XP and it's amazing to see how dated it has become. Like if you saw a picture of Maria Whittaker as she is now.

          Anyway, back to the 'debate', this supposed security flaw is, as others have pointed out, not a security flaw. There is not a chance in hell of anyone gaining any meaningful or useful information and certainly no chance of giving away any password information.

          Personally I've used Chrome for a few years now, pretty much since it came out, but all the tracking and tracing it does scares the crap out of me. Would you rather trust MS or Google? Tough question. But I have to say that since upgrading to Windows 8 I've found myself using IE again. It works fine, it's fast, doesn't crash and ive had no issues at all. This bullshit post and all the Linux dribblers have done nothing to convince me otherwise. I know Linux/UNIX is great and has its place but seriously, how many non technical people would have a shit clue what to do with it? By all means criticise when necessary and point out flaws where they exist but this is just bollocks scare mongering. I'm starting to think TheRegister was bought by an Apple owned company :-)

  12. JaitcH
    Thumb Down

    Internet Explorer? Oh, yes ...

    it's one of the things we remove when installing Windows, along with a whole lot of other fat ware.

    We practice safe(r) browsing.

    1. historymaker118
      Linux

      Re: Internet Explorer? Oh, yes ...

      I didn't think it was possible to fully remove IE from a windows machine? I would really appreciate some instructions on how to do this, because for now, I've just shoved it out of the way where my parents can't find it and have disguised firefox as IE so they don't complain about where the 'internet button' has gone.

      1. Hooksie
        Trollface

        Re: Internet Explorer? Oh, yes ...

        You're right, it isn't. He's lying. Or he doesn't know what the fuck he's talking about. I'm going to give him the benefit of the doubt and say it's the latter ;-)

  13. John Tserkezis

    I've given up on trying to get people off IE onto something else - anything else.

    Same with trying to get people to back up.

    You don't have to take my advice, but you lose the right to cry and whine about it after the fact.

  14. Anonymous Coward
    Anonymous Coward

    Touch screen?

    Does this work for touch screen use? Eg if one were to use an application to write with a stylus, could this thing capture the whole of the written text? If so, then definitely dodgy.

  15. Michael H.F. Wilkinson Silver badge
    Mushroom

    One more reason (as if I needed one) not to use IE

    <- Nuke it from space, it's the only way to be sure

  16. Anonymous Coward
    Anonymous Coward

    Shit happens when you make your browser your shell too. Who cares if you fuck over your customers as long as you're fucking up any chance of fair competition. Well, Fuckwits meet Karma.

  17. Anonymous Coward
    Anonymous Coward

    Could not get it too work for me.

    Key presses worked fine but would nto track my mouse.

  18. NomNomNom

    oh no some ad company might record a bunch of x and y coordinates!

  19. Crisp

    Exploits have become mainstream

    You know you're screwed when admen start exploiting browser vulnerabilities.

  20. Camilla Smythe

    Ah but....

    Consider those Banking, and other forms, where you have to pick three letters from your 'memorable' word from a drop down alphabetical list. The browser has already reported your screen resolution, font type and font size back to the 'mothership'....

    1. Colin Millar

      Re: Ah but....

      You shouldn't be running any other windows or tabs when you go to a banking logon page.

      Your bank's initial page shouldn't contain any uncontrolled links.

      The logon page should allow you to close the initial page behind it and should not contain any links at all other than those needed to actually log on.

      If your banking pages contain off-site links get a different bank - they are not serious about security.

  21. Anonymous Coward
    Anonymous Coward

    Doesn't track mouse movements on the extended screen!

    I can browse as much as I want and no mouse movements are being recorded.

    As soon as I move the mouse to the primary display, then you can see the mouse movements being tracked.

    Also, it doesn't show you what is being clicked and it doesn't show you what is being displayed on screen.

    1. Chemist

      "Doesn't track mouse movements on the extended screen!"

      It's a bug- you need to report that

    2. Pookietoo

      re: Doesn't track mouse movements on the extended screen!

      Probably just hasn't been coded to - I expect the info is there if you want to read it.

  22. Mark Allread

    If, in Windows 9

    .. they removed the metro start screen and put the tired old start menu back, there'd be a *lot* of people pissed off about that.

  23. Anonymous Coward
    Anonymous Coward

    Shame Firefox doesn't have this "feature"

    Because ad companies would get a lot of cock shapes from my mouse movements.

    Well, they wouldn't, because I use AdBlock Plus and NoScript, and indeed Ghostery.

    But.. ah, never mind.

  24. Colin Millar

    Extended screen

    It doesn't appear to track to the extended screen

    Also - loved this piece of advice

    "NB If you're not currently using Internet Explorer, then we suggest you view this page again with Internet Explorer"

  25. Anonymous Coward
    Anonymous Coward

    @ dssf

    Hang in there brother.

    1. dssf

      Re: @ dssf

      Thanks, :-)

      I slept it off. It is a new day. I will leave my posts visible, partly to knock myself in the head to remember to use fewer polarizing, inventive, (except, iexploDer, whic I first saw in IT around 1997, loked, and used when a fitting context arose) words. Otherwise, i will incur more negs faster than any positive recovery.

      Again, thanks.

  26. Anonymous Coward
    Coat

    His cursor was doing this while mobile doing this.

    With GPS, microphone, camera and motion sensing phones, IPV6, built in Webcams, Bluetooth, NearField, CCTV, ANPR etc we can be tracked to mm and that's just the "Visible" technology.

    I personally don't fret about it too much as I don't have a life worth watching but there are times when I wonder if tin foil covered safe houses free of data connections will spring up, areas with poor cell coverage will command a premium.

    Won't be long and Faraday cages and "alternative browsers" will be outlawed.

    And to the hoodie wearing teenagers you're just not thinking it through.

    Mines the one with your life path on a USB stick in the pocket.

  27. Anonymous Coward
    Anonymous Coward

    Potential Solution:

    Uninstall Javascript

This topic is closed for new posts.

Other stories you might like