[Liverpool] Websites writing registry keys

Dan Lynch biglynchy at gmail.com
Thu Jun 23 17:10:04 UTC 2011 

Did someone say Lynch mob? I'm not taking the blame for that :D

I didn't realise websites could write to the registry of a Windows machine
though, to be honest it makes me all the more glad I don't use that OS. That
sounds like a accident waiting to happen.

Dan



On Thu, Jun 23, 2011 at 2:43 PM, Sebastian Arcus <shop at open-t.co.uk> wrote:

> I apologise again for the heresy. I have washed my mouth with soap after
> even thinking of Windows. Oh, damn, I've done it again! Where is that soap
> bar?
>
> What is that that I'm seeing? It looks suspiciously like a burning stake
> and a lynch mob. Hmm, better get my coat now. The one with the rocket
> backpack in the pockets.
>
> Sebastian
>
>
>
>
> On 23/06/11 13:42, Andrew Bates wrote:
>
>> quick, someone put Sebastian into protective custody. he is talking
>> about THAT operating system here!
>>
>> On 23 June 2011 13:42, Sebastian Arcus <shop at open-t.co.uk
>> <mailto:shop at open-t.co.uk>> wrote:
>>
>>    While looking for some other bit of information, I stumbled about
>>    the fact that some websites write information under some registry
>>    keys in Windows, namely:
>>
>>    HKCU\Software\Microsoft\__**Windows\CurrentVersion\__**
>> Explorer\UserAssist\
>>
>>    They seem to be counters of various sorts, which are encrypted with
>>    a really weak encryption (ROT-13) and used by various local software
>>    and websites to keep track of things.
>>
>>    What absolutely stumps me is that I always thought that, without the
>>    use of Java or ActiveX, "normal" websites don't have access to the
>>    registry, or any other part of the file system except the Cookies
>>    and Internet Temp folders.
>>
>>    Does anybody know any more about this? Specially the ones in the
>>    group involved more closely with webdesign? How exactly do those
>>    websites gain access to the registry? How often is the practice used?
>>
>>    This is all news to me. I know we are a Linux list, but I also know
>>    many of you are concerned with privacy and security issues - so I'm
>>    posting by the off chance there are others interested in this.
>>
>>    Sebastian
>>
>>    ______________________________**___________________
>>    Liverpool mailing list
>>    Liverpool at mailman.lug.org.uk <mailto:Liverpool at mailman.lug.**org.uk<Liverpool at mailman.lug.org.uk>
>> >
>>
>>    https://mailman.lug.org.uk/__**mailman/listinfo/liverpool<https://mailman.lug.org.uk/__mailman/listinfo/liverpool>
>>    <https://mailman.lug.org.uk/**mailman/listinfo/liverpool<https://mailman.lug.org.uk/mailman/listinfo/liverpool>
>> >
>>
>>
>>
>>
>> ______________________________**_________________
>> Liverpool mailing list
>> Liverpool at mailman.lug.org.uk
>> https://mailman.lug.org.uk/**mailman/listinfo/liverpool<https://mailman.lug.org.uk/mailman/listinfo/liverpool>
>>
>
> ______________________________**_________________
> Liverpool mailing list
> Liverpool at mailman.lug.org.uk
> https://mailman.lug.org.uk/**mailman/listinfo/liverpool<https://mailman.lug.org.uk/mailman/listinfo/liverpool>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/liverpool/attachments/20110623/0053d937/attachment.htm>

More information about the Liverpool mailing list