[icq-devel] ( v5 ) ICQ SPY YOU.



John Turner jturner at hypershop.com
Fri Sep 21 19:48:52 CEST 2001


I think this one is pretty obvious, but I may be way off.

When most people install ICQ for the first time they are just checking it
out. They are not trying to hide information, including IP's, or be sneaky.
Now 6 months down the road this user decides to start using ICQ as a method
of receiving messages from "hijacked" computers. But, in preparation for
this, the user created a new account to get these messages on. By knowing
the first UIN created you have a start point in your investigation and are
more likely to successfully gather the needed info. Furthermore, IE users
could have this key read when they went to the ICQ website, giving more
information (such as IP) about a user. With that said, it's pretty clear why
they store this info.

Just my 2 cents


----- Original Message -----
From: Remy Lebeau <gambit47 at gte.net>
To: <icq-devel at blipp.com>
Sent: Friday, September 21, 2001 12:03 PM
Subject: Re: [icq-devel] ( v5 ) ICQ SPY YOU.


> That still leaves the question, though - WHY are they looking to see what
> other UINs are registered to begin with?  They shouldn't care about that,
> only about the specific UIN actually doing the login at the time
>
>
> Gambit
>
> ----- Original Message -----
> From: "Castiglione" <castiglione at mac.com>
> To: <icq-devel at blipp.com>
> Sent: Friday, September 21, 2001 1:19 AM
> Subject: Re: [icq-devel] ( v5 ) ICQ SPY YOU.
>
>
> > You know, your UIN is hardly sensitive information to Mirabilis, seeing
> > as how they already know it. The only thing of possible interest there
> > is that they could see which UINs are registered on the same computer,
> > which shouldn't do too much harm.
>
>
> -------------------------------------------------
> icq-devel - The forum for ICQ protocol discussion
> For unsubscribe and other mailing list info, see:
> http://www.d.kth.se/~d95-mih/icq/icq-devel/
>




More information about the icq-devel mailing list