Hi, Good catch! It turns out that I asked Gator 2 years ago about potential security problems in the Gator download system. See the attached message. According to my archives, I never got a reply. Richard M. Smith http://www.ComputerBytesMan.com -----Original Message----- From: Richard M. Smith Sent: Monday, January 17, 2000 5:17 PM To: mark@gator.com; tony@gator.com; mpennell@YAHOO.COM Cc: Richard M. Smith Subject: A few technical questions about the Gator plugin for IE Hi Tony Martin and Mark Pennell, I have a few technical questions about the Gator plugin for Internet Explorer: 1. Are there any security mechanisms built into the Gator ActiveX control to prevent a hacker from using the control on their own Web page to download and execute malicous code? It appears to me from Gator installation page that the location of the Setup Bundle file is settable using the "server" and "rootdir" parameters. 2. What file format does a Setup Bundle file use? 3. How come ever transmission from my computer to the eguard.com server includes a GUID serial number? Example: GET /Cmd/Client_GetSite;wired.com HTTP/1.0 Accept: */* User-Agent: 5D3D6420CCF311D3A67F002078900337 Script-Version: 0.2 Product-Version: 1.1.1.1 Host: scriptserver.eguard.com I assume that this number is unique id number which identifies me. It seems to contain my Ethernet adapter address (002078900337). 4. Is this GUID serial number associated with my registration information? Thanks, Richard
