Montana Owners Club - Keystone Montana 5th Wheel Forum - View Single Post

sreigle · 08-14-2006, 05:01 PM

Glenn, I'm very familiar with GIF, including the animation variety. But I have to respectfully disagree with you.

Single pixel gifs set to transparent, and thus apparently invisible, can trigger things you wouldn't think a gif can do. You are correct it's not really the gif itself but it serves as the trigger for the surrounding html and that's why I won't open an email with a gif from anyone I don't know and why I look for GIF when peeking into suspicious emails. While these may be invisible while reading the email they are visible when peeking as I described in the other post.

For instance, this is a quote from this website -

-------------
http://www.brettglass.com/spam/paper.html

Invasion of Privacy and DoS attacks via E-mail
E-mail may also contain exploits that compromise the recipient's privacy or render his or her system unusable. An HTML message containing an image tag will cause many e-mail clients to retrieve the image automatically when the mail is read. If the recipient's e-mail address (or any other unique identifier) is included in the image tag (e.g. [img]http://images.spammer.com/picture.jpg?clueless@newbie.com]), a spammer can determine from his or her Web server logs that the address is valid and that the mail was opened. Such an image tag is sometimes called a "mail bug." Because the image will be retrieved via HTTP, the server may also be able to place a cookie on the recipient's machine if browser software is used to display the mail. (The most popular e-mail clients all use browser software to render mail. Outlook, Outlook Express, and AOL use Microsoft Internet Explorer; Netscape Communicator uses Netscape Navigator; Opera uses its own internal HTML rendering software; and Eudora uses Internet Explorer unless explicitly configured not to do so.) The user may not know that any invasion of privacy has taken place, especially if the image is a "clear GIF" or "Web bug." An e-mail message may also contain active content exploits which extract personal information from the recipient's computer.
-----------------

And here's another. http://www.malwarehelp.org/know-about-malware.html

Web bug or Web beacons

Also called a Web bug or a pixel tag or a clear GIF. Used in combination with cookies, a Web beacon is an often-transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a Web site or in an e-mail that is used to monitor the behavior of the user visiting the Web site or sending the e-mail. When the HTML code for the Web beacon points to a site to retrieve the image, at the same time it can pass along information such as the IP address of the computer that retrieved the image, the time the Web beacon was viewed and for how long, the type of browser that retrieved the image and previously set cookie values.
-----------

See another Montana or Mountaineer on the road? Flash lights twice, it might be one of us!
Steve Reigle (pronounced Regal)
Fulltiming since 3/21/03
'03 3295RK
'05 Ford F250 SD Lariat CC SB 6.0L PSD/TS FX4 4x4

Our RV Travels (now Firefox-compatible)

08-14-2006, 05:01 PM	#19
sreigle Montana Master Join Date: Nov 2002 Location: Oceanside Posts: 20,028 M.O.C. #20	Glenn, I'm very familiar with GIF, including the animation variety. But I have to respectfully disagree with you. Single pixel gifs set to transparent, and thus apparently invisible, can trigger things you wouldn't think a gif can do. You are correct it's not really the gif itself but it serves as the trigger for the surrounding html and that's why I won't open an email with a gif from anyone I don't know and why I look for GIF when peeking into suspicious emails. While these may be invisible while reading the email they are visible when peeking as I described in the other post. For instance, this is a quote from this website - ------------- http://www.brettglass.com/spam/paper.html Invasion of Privacy and DoS attacks via E-mail E-mail may also contain exploits that compromise the recipient's privacy or render his or her system unusable. An HTML message containing an image tag will cause many e-mail clients to retrieve the image automatically when the mail is read. If the recipient's e-mail address (or any other unique identifier) is included in the image tag (e.g. [img]http://images.spammer.com/picture.jpg?clueless@newbie.com]), a spammer can determine from his or her Web server logs that the address is valid and that the mail was opened. Such an image tag is sometimes called a "mail bug." Because the image will be retrieved via HTTP, the server may also be able to place a cookie on the recipient's machine if browser software is used to display the mail. (The most popular e-mail clients all use browser software to render mail. Outlook, Outlook Express, and AOL use Microsoft Internet Explorer; Netscape Communicator uses Netscape Navigator; Opera uses its own internal HTML rendering software; and Eudora uses Internet Explorer unless explicitly configured not to do so.) The user may not know that any invasion of privacy has taken place, especially if the image is a "clear GIF" or "Web bug." An e-mail message may also contain active content exploits which extract personal information from the recipient's computer. ----------------- And here's another. http://www.malwarehelp.org/know-about-malware.html Web bug or Web beacons Also called a Web bug or a pixel tag or a clear GIF. Used in combination with cookies, a Web beacon is an often-transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a Web site or in an e-mail that is used to monitor the behavior of the user visiting the Web site or sending the e-mail. When the HTML code for the Web beacon points to a site to retrieve the image, at the same time it can pass along information such as the IP address of the computer that retrieved the image, the time the Web beacon was viewed and for how long, the type of browser that retrieved the image and previously set cookie values. ----------- See another Montana or Mountaineer on the road? Flash lights twice, it might be one of us! Steve Reigle (pronounced Regal) Fulltiming since 3/21/03 '03 3295RK '05 Ford F250 SD Lariat CC SB 6.0L PSD/TS FX4 4x4 Our RV Travels (now Firefox-compatible)