Signatures & virus's

[Karteli]

Hi,

I noticed a member who is using a (what I will call) "smart picture"..it reports in the signature the IP you are connecting from, the country you are in, and the county/province you are in.

Is the final data only displayed to the end user?

My concern is that this can be used for traffic data mining?

To further my concern my AV complained that I was connecting to a hacker site (because of someone elses signature, unrelated), while loading a page on MMO-Champion. The signature was traced back to a known malicious site.

The site was blocked, but if executables like the "smart picture" are allowed to run, I'm not sure what would have happened.

So my question is, are the "smart pictures" safe?

[jsz]

Yes.

/10char

[Acrono]

I think the data is only displayed to the end user , like a special little trick to do for a Sig, but im not that sure on it

[Fortuitous]

It's just a script that uses your browser to provide the information you see. No information is transmitted either way.

It's just the same as someone handing you a name tag that says "My name is: " and you writing your name.

It's totally safe, unless the sig says something like "save this as .jar and double click" then you are probably screwed.

[Twintop]

I think the data is only displayed to the end user , like a special little trick to do for a Sig, but im not that sure on it

You're sort of correct. The image URL actually links back to a script that runs on another server that parses out all of the details, specifically from your browser string, and generates the image you see. This is completely harmless and doesn't give them any more information than they would normally have access to through logging if you viewed a normal image that was hotlinked from another domain.

[Karteli]

Thanks much