Re: To some MSDOS was an major leap forward.
I thought MS Basic was ported to the Altair from DEC PDP-8 source code and adapted from there.
4 posts • joined 4 Jul 2019
"They can detect those vulnerabilities by comparing DNS records and HTTP responses, just as we did."
Actually, not so simple. An HTTP response might well come from a hijacked subdomain. They have to ensure that the HTML itself is Microsoft created. Judging by their sloppiness so far, I'm guessing they would have a hard time determining theirs from not theirs.
I don't know why the article's author failed to disclose the most important parts of this story:
1) The 1 pixel image is used to disclose to the sender not just the fact that the recipient received the email, but also when and where (via IP geolocation) the recipient is every time it's opened.
2) Users of Superhuman are not allowed to opt out of downloading images in emails so cannot avoid being tracked themselves by Superhuman.
Recipients who don't block image downloads end up having lists generated of when and where they were every time they open that email, yet they are not told this by the sender. Great for stalkers, nosy bosses and other creeps, not so great for the unwitting recipient.
The (mostly marketers) who use Superhuman are providing all kinds of useful information on themselves and their customers, all of which Superhuman can legally sell according to the user agreement. Although I haven't confirmed this personally, users have said that they must provide their Gmail password to Superhuman as part of a "live training session" they undergo as a condition of joining Superhuman's service. Creeped out yet? How about this: apparently there's a waiting list to join Superhuman's service!
Biting the hand that feeds IT © 1998–2021