Can You Answer These Twelve Internet Security Questions?

[FromTheRafters]

Aardvark wrote:
> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>
>>> Perhaps SM does pre-rendering in newsgroups?
>>>
>>>
>> Possibly. I might try it in Konqueror and whatever other browsers I have
>> installed here.
>
> Just tried it in both Konq and SM. Nothing.
>
> If you can still open the page, could you check the source and see if you
> can divine what might be amiss?
>
Maybe it's something in:

<script type="text/javascript" src="setcookie.js"></script>

or

<script type="text/javascript"
src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script>

It uses style sheets too, but that's pretty common practice.

[Dustin]

FromTheRafters <erratic@nomail.afraid.org> wrote in
news:jpp7lu$pgk$1@dont-email.me:

> Aardvark wrote:
>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>
>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>
>>>>
>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>> have installed here.
>>
>> Just tried it in both Konq and SM. Nothing.
>>
>> If you can still open the page, could you check the source and see
>> if you can divine what might be amiss?
>>
> Maybe it's something in:
>
> <script type="text/javascript" src="setcookie.js"></script>
>
> or
>
> <script type="text/javascript"
> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script
> >
>
> It uses style sheets too, but that's pretty common practice.
>
>
>

firefox v12 opened it with no hassle. Noscript blocking by default.

It's a sales pitch. David is stalking the individual. Has been for
years. I think Bob Rankin was the author of the now dead tourbus email
list. Very useful for those in IT.




--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts

[Aardvark]

On Sat, 26 May 2012 02:35:20 +0000, Dustin wrote:

> FromTheRafters <erratic@nomail.afraid.org> wrote in
> news:jpp7lu$pgk$1@dont-email.me:
>
>> Aardvark wrote:
>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>
>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>
>>>>>
>>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>>> have installed here.
>>>
>>> Just tried it in both Konq and SM. Nothing.
>>>
>>> If you can still open the page, could you check the source and see if
>>> you can divine what might be amiss?
>>>
>> Maybe it's something in:
>>
>> <script type="text/javascript" src="setcookie.js"></script>
>>
>> or
>>
>> <script type="text/javascript"
>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script
>> >
>> >
>> It uses style sheets too, but that's pretty common practice.
>>
>>
>>
>>
> firefox v12 opened it with no hassle. Noscript blocking by default.
>

FF v12 with NoScript here on Mandriva 2011, Konqueror with the same
plugin, and SM all on the same OS, still no joy. Tried a few times
yesterday with all of them.

> It's a sales pitch. David is stalking the individual.

LOL. I'd guessed as much. Any URL he provides is one of his stalking
targets and he posts and 'recommends' them 'innocently' to entice people
to go there in the hope that they'll share his 'hinky' about the person/
site.

I wonder when (or even *if*) he's going to realise his sly attempts to
manipulate people are really feeble. :-)

> Has been for
> years. I think Bob Rankin was the author of the now dead tourbus email
> list. Very useful for those in IT.

And therefore most probably a 'good guy'.



--
"Tell me, truthfully, do *you* download music from The Pirate Bay for
your personal use and listening pleasure?"
Clever guy BD in post <gLidnTjP2tgGPy7SnZ2dnUVZ7qKdnZ2d@bt.com>

[FromTheRafters]

Dustin wrote:
> FromTheRafters<erratic@nomail.afraid.org> wrote in
> news:jpp7lu$pgk$1@dont-email.me:
>
>> Aardvark wrote:
>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>
>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>
>>>>>
>>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>>> have installed here.
>>>
>>> Just tried it in both Konq and SM. Nothing.
>>>
>>> If you can still open the page, could you check the source and see
>>> if you can divine what might be amiss?
>>>
>> Maybe it's something in:
>>
>> <script type="text/javascript" src="setcookie.js"></script>
>>
>> or
>>
>> <script type="text/javascript"
>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script
>>>
>>
>> It uses style sheets too, but that's pretty common practice.
>>
>>
>>
>
> firefox v12 opened it with no hassle. Noscript blocking by default.

I'm not all that familiar with FF's capabilities. Do you know if, even
with Noscript blocking by default, any pre-fetching is still attempted?
After all - it still appears as a link in the HTML even though the
script itself won't be allowed to execute.

Most of the links (mostly graphics) are relative links, except the
analytics one.

[Aardvark]

On Sat, 26 May 2012 09:26:06 -0400, FromTheRafters wrote:

> Dustin wrote:
>> FromTheRafters<erratic@nomail.afraid.org> wrote in
>> news:jpp7lu$pgk$1@dont-email.me:
>>
>>> Aardvark wrote:
>>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>>
>>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>>
>>>>>>
>>>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>>>> have installed here.
>>>>
>>>> Just tried it in both Konq and SM. Nothing.
>>>>
>>>> If you can still open the page, could you check the source and see if
>>>> you can divine what might be amiss?
>>>>
>>> Maybe it's something in:
>>>
>>> <script type="text/javascript" src="setcookie.js"></script>
>>>
>>> or
>>>
>>> <script type="text/javascript"
>>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script
>>>>
>>>>
>>> It uses style sheets too, but that's pretty common practice.
>>>
>>>
>>>
>>>
>> firefox v12 opened it with no hassle. Noscript blocking by default.
>
> I'm not all that familiar with FF's capabilities. Do you know if, even
> with Noscript blocking by default, any pre-fetching is still attempted?
> After all - it still appears as a link in the HTML even though the
> script itself won't be allowed to execute.
>

Wouldn't the simplest method of operation for something like NS be
running the source through NS first, then every time it encounters a pair
of <script> </script> tags either ignoring them or rewriting the source
without them, then sending the edited or reformed HTML to the rendering
engine? Either way, by the time the code actually gets to FF itself,
there are no script tags. Might that affect the source code subsequent to
the script introduction,causing some kind of lock-up in the loading?

> Most of the links (mostly graphics) are relative links, except the
> analytics one.

See above. If NS runs as I have described above, relativity or otherwise
of the script links is purely academic, isn't it? Unless, of course, some
of the script subsequent to one of the tags is dependent in some way on
the script?



--
"Tell me, truthfully, do *you* download music from The Pirate Bay for
your personal use and listening pleasure?"
Clever guy BD in post <gLidnTjP2tgGPy7SnZ2dnUVZ7qKdnZ2d@bt.com>

[FromTheRafters]

Aardvark wrote:
> On Sat, 26 May 2012 09:26:06 -0400, FromTheRafters wrote:
>
>> Dustin wrote:
>>> FromTheRafters<erratic@nomail.afraid.org> wrote in
>>> news:jpp7lu$pgk$1@dont-email.me:
>>>
>>>> Aardvark wrote:
>>>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>>>
>>>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>>>
>>>>>>>
>>>>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>>>>> have installed here.
>>>>>
>>>>> Just tried it in both Konq and SM. Nothing.
>>>>>
>>>>> If you can still open the page, could you check the source and see if
>>>>> you can divine what might be amiss?
>>>>>
>>>> Maybe it's something in:
>>>>
>>>> <script type="text/javascript" src="setcookie.js"></script>
>>>>
>>>> or
>>>>
>>>> <script type="text/javascript"
>>>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script
>>>>>
>>>>>
>>>> It uses style sheets too, but that's pretty common practice.
>>>>
>>>>
>>>>
>>>>
>>> firefox v12 opened it with no hassle. Noscript blocking by default.
>>
>> I'm not all that familiar with FF's capabilities. Do you know if, even
>> with Noscript blocking by default, any pre-fetching is still attempted?
>> After all - it still appears as a link in the HTML even though the
>> script itself won't be allowed to execute.
>>
>
> Wouldn't the simplest method of operation for something like NS be
> running the source through NS first, then every time it encounters a pair
> of<script> </script> tags either ignoring them or rewriting the source
> without them, then sending the edited or reformed HTML to the rendering
> engine?

I suppose, but the simplest way isn't always the way things are actually
done. )

Browsers want to do stuff in the background while the user is reading
what is already displayed so that it can appear to be faster at loading
the next page the user might navigate to. If NS runs as you say, like a
proxy (the old proxomitron comes to mind) then FF would never know that
those links existed - but as a plug-in I'm not sure what parses the page
first.

BTW, that page loads in a snap now in IE - even a refresh. It might be
cached by my ISP though.

> Either way, by the time the code actually gets to FF itself,
> there are no script tags. Might that affect the source code subsequent to
> the script introduction,causing some kind of lock-up in the loading?

I don't think so, it's a mystery.

>> Most of the links (mostly graphics) are relative links, except the
>> analytics one.
>
> See above. If NS runs as I have described above, relativity or otherwise
> of the script links is purely academic, isn't it?

Yes, it would never be fetched if all of the script containers and their
contents were removed before the browser got the page.

> Unless, of course, some
> of the script subsequent to one of the tags is dependent in some way on
> the script?

Then we're back to lousy web design, IMO there should be any reliance on
JS being enabled. I didn't see anything like that on that page, and I
didn't download and look at the scripts themselves when I read the HTML
page, just noticed that they were there.

[Dustin]

FromTheRafters <erratic@nomail.afraid.org> wrote in
news:jpqlli$bei$1@dont-email.me:

> Dustin wrote:
>> FromTheRafters<erratic@nomail.afraid.org> wrote in
>> news:jpp7lu$pgk$1@dont-email.me:
>>
>>> Aardvark wrote:
>>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>>
>>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>>
>>>>>>
>>>>> Possibly. I might try it in Konqueror and whatever other browsers
>>>>> I have installed here.
>>>>
>>>> Just tried it in both Konq and SM. Nothing.
>>>>
>>>> If you can still open the page, could you check the source and see
>>>> if you can divine what might be amiss?
>>>>
>>> Maybe it's something in:
>>>
>>> <script type="text/javascript" src="setcookie.js"></script>
>>>
>>> or
>>>
>>> <script type="text/javascript"
>>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></scri
>>> pt
>>>>
>>>
>>> It uses style sheets too, but that's pretty common practice.
>>>
>>>
>>>
>>
>> firefox v12 opened it with no hassle. Noscript blocking by default.
>
> I'm not all that familiar with FF's capabilities. Do you know if,
> even with Noscript blocking by default, any pre-fetching is still
> attempted? After all - it still appears as a link in the HTML even
> though the script itself won't be allowed to execute.

Firefox by default does attempt to prefetch. NoScript doesn't seem
hassled by it.

> Most of the links (mostly graphics) are relative links, except the
> analytics one.

Yep.
I get the NoScript signature where an advertisement or graphic or
something should be. [g]




--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by,
and the only thing that's wrong is to get caught. - J.C. Watts

[Aardvark]

On Fri, 25 May 2012 20:21:15 -0400, FromTheRafters wrote:

> Aardvark wrote:
>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>
>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>
>>>>
>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>> have installed here.
>>
>> Just tried it in both Konq and SM. Nothing.
>>
>> If you can still open the page, could you check the source and see if
>> you can divine what might be amiss?
>>
> Maybe it's something in:
>
> <script type="text/javascript" src="setcookie.js"></script>
>

Possible but unlikely IMO, FTR. I enter sites with NoScript running, so
that shouldn't hold up loading.

> or
>
> <script type="text/javascript"
> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script>
>

NS would take care of that too, Shirley. I remember when aweber sold
autoresponders.

> It uses style sheets too, but that's pretty common practice.

Indeed. Somewhat of a mystery, thus far.



--
"Tell me, truthfully, do *you* download music from The Pirate Bay for
your personal use and listening pleasure?"
Clever guy BD in post <gLidnTjP2tgGPy7SnZ2dnUVZ7qKdnZ2d@bt.com>

[FromTheRafters]

Aardvark wrote:
> On Fri, 25 May 2012 20:21:15 -0400, FromTheRafters wrote:
>
>> Aardvark wrote:
>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>
>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>
>>>>>
>>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>>> have installed here.
>>>
>>> Just tried it in both Konq and SM. Nothing.
>>>
>>> If you can still open the page, could you check the source and see if
>>> you can divine what might be amiss?
>>>
>> Maybe it's something in:
>>
>> <script type="text/javascript" src="setcookie.js"></script>
>>
>
> Possible but unlikely IMO, FTR. I enter sites with NoScript running, so
> that shouldn't hold up loading.
>
>> or
>>
>> <script type="text/javascript"
>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></script>
>>
>
> NS would take care of that too, Shirley. I remember when aweber sold
> autoresponders.
>
>> It uses style sheets too, but that's pretty common practice.
>
> Indeed. Somewhat of a mystery, thus far.
>
I run with scripting enabled, and sometimes those larger scripts (Fake
AV come-ons) take a long time to load and execute - selectors take even
longer.

[Aardvark]

On Sat, 26 May 2012 09:30:08 -0400, FromTheRafters wrote:

> Aardvark wrote:
>> On Fri, 25 May 2012 20:21:15 -0400, FromTheRafters wrote:
>>
>>> Aardvark wrote:
>>>> On Fri, 25 May 2012 21:26:44 +0000, Aardvark wrote:
>>>>
>>>>>> Perhaps SM does pre-rendering in newsgroups?
>>>>>>
>>>>>>
>>>>> Possibly. I might try it in Konqueror and whatever other browsers I
>>>>> have installed here.
>>>>
>>>> Just tried it in both Konq and SM. Nothing.
>>>>
>>>> If you can still open the page, could you check the source and see if
>>>> you can divine what might be amiss?
>>>>
>>> Maybe it's something in:
>>>
>>> <script type="text/javascript" src="setcookie.js"></script>
>>>
>>>
>> Possible but unlikely IMO, FTR. I enter sites with NoScript running, so
>> that shouldn't hold up loading.
>>
>>> or
>>>
>>> <script type="text/javascript"
>>> src="http://analytics.aweber.com/js/awt_analytics.js?id=6HSL"></
script>
>>>
>>>
>> NS would take care of that too, Shirley. I remember when aweber sold
>> autoresponders.
>>
>>> It uses style sheets too, but that's pretty common practice.
>>
>> Indeed. Somewhat of a mystery, thus far.
>>
> I run with scripting enabled, and sometimes those larger scripts (Fake
> AV come-ons) take a long time to load and execute - selectors take even
> longer.

The thirty or so seconds I allowed should be enough, don't you think? I
actually went off to the kitchen to make a cuppa tea after clicking the
link once. Still hadn't loaded when I got back.



--
"Tell me, truthfully, do *you* download music from The Pirate Bay for
your personal use and listening pleasure?"
Clever guy BD in post <gLidnTjP2tgGPy7SnZ2dnUVZ7qKdnZ2d@bt.com>