Go Back   Computer Forums > Welcome To Computer Forums .org > Site Admin, News and Feedback
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 06-01-2017, 08:01 AM   #11
Dystopia now
 
foothead's Avatar
 
Join Date: May 2009
Location: My own personal hell
Posts: 10,014
Default Re: Clarification of Google iframe

Quote:
Originally Posted by iPwn View Post



I wouldn't doubt that Google is probably taking more than they should, but wouldn't think too much beyond that. For someone to get at your PM's would still fall into the eavesdropping category... e.g. I doubt they're getting a print out of everyone's PM's. And if they are... well.... I'm making a second account and sending it dick pics
Correct me if I'm wrong, but is all text entered within an iFrame not automatically viewable to the iFrame source? Even if the PM itself is sent through a secure manner, google would be able to aggregate our PMs by "reading" them a they are composed.

I have seen this technique used to glean credit card information on multiple occasions. Wrap a secured site within an iframe, and you gain access to personal information without any need for interception.
__________________

foothead is online now   Reply With Quote
Old 06-02-2017, 01:28 PM   #12
Fully Optimized
 
Bahawolf's Avatar
 
Join Date: May 2005
Location: United States
Posts: 2,604
Default Re: Clarification of Google iframe

May you point out where you're seeing that the site is being loaded from within an iframe? I see that some of the marketing scripts mention iframe from within the script name, but the site itself is not being loaded via an iframe.

EDIT: Sorry, I just saw the attachment. External scripts can be loaded in via an iFrame, without exposin g the content of the entire site.
__________________

Bahawolf is offline   Reply With Quote
Old 06-02-2017, 02:08 PM   #13
BSOD
 
Join Date: Feb 2016
Location: US
Posts: 963
Default Re: Clarification of Google iframe

Quote:
Originally Posted by foothead View Post
Correct me if I'm wrong, but is all text entered within an iFrame not automatically viewable to the iFrame source? Even if the PM itself is sent through a secure manner, google would be able to aggregate our PMs by "reading" them a they are composed.

I have seen this technique used to glean credit card information on multiple occasions. Wrap a secured site within an iframe, and you gain access to personal information without any need for interception.
Yeah. Because Google has sufficient manpower to sit and personally read billions of personal messages every minute.

The bottom line is everything on the internet is public everything you type and send through the internet is public anyone can see it if they want to don't assume there is any privacy or safety in public.
Technician is offline   Reply With Quote
Old 06-02-2017, 02:43 PM   #14
Fully Optimized
 
Bahawolf's Avatar
 
Join Date: May 2005
Location: United States
Posts: 2,604
Default Re: Clarification of Google iframe

Quote:
Originally Posted by Technician View Post
Yeah. Because Google has sufficient manpower to sit and personally read billions of personal messages every minute.

The bottom line is everything on the internet is public everything you type and send through the internet is public anyone can see it if they want to don't assume there is any privacy or safety in public.
Agreed.

Though I think it is important to be alert online, there is very little to be obtained through ComputerForums. This community doesn't process orders for anything, and there really isn't any propietary or valuable data that can be stolen.

From a security standpoint, the site is running an older version of vBulletin. This is a larger security concern than any script being pulled in via an iframe. Seeing as the scripts are coming directly from Google, there is little chance for the source to be manipulated. That being said, the site is at a higher risk of someone exploiting the software, and dumping the database, than it is of Google reading your private messages.

Making it a habit of having a unique password for each site reduces your risk. Using a third party app like LastPass makes it incredibly easy nowadays, and then you don't have to worry about getting accounts stolen due to a data leak.
__________________

Bahawolf is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 01:46 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0