> We just disagree. Opening up the web site gives the sender the > information that it has found a live user who can be conned in some way. > This conning has nothing to do with using Windows. > Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@xxxxxxxxxxxxx If done as Ian stated, yes they could determine that a particular e-mail address responded by clicking on the link. I have not observed that. If they are cleverly obfuscating my email address in the URL then perhaps they may have sneaked one past me. As for having nothing to do with Windows, you are correct as far as the social engineering aspect of it is concerned. But you said by visiting the site you were compromised. That would only occur if the site had code in it to exploit your browser - hence why I mentioned Windows and IE as being at risk of being compromised by "simply visiting" whereas Linux with Firefox is not. The part about getting you to enter personal information is the social engineering aspect which agreed has nothing to do with the OS and everything to do with what's in between the ears. I'm certainly not advocating that people start following these links. To the contrary I agree they should not. I was simply disagreeing with your statement that the OP was automatically compromised for having just visited the site. Re-read my last posting and you will see that that was the point I was making. We agree on most, just not on the part that you are automatically compromised for having followed such a link. Some personal information (email address if done as Ian explained) and non-identifying information (IP, browser, OS) is potentially harvested by the server. Maybe it's just a difference in how we interpret "compromised". I do not call that being compromised as to me that would involve either your system becoming infected or you sharing personal/identifying information that could allow a person to steal your identity or otherwise leverage that personal information for financial gain. Anyhow, enough OT for me. Feel free to post a rebuttal. If you wish to debate beyond a rebuttal then let's take it off-line or on a list dedicated to such debates. Jacques B.
