Flyby Spud
User avatar
Posts: 266
Joined: Tue Aug 28, 2012 12:58 pm

Creepy Imageshack Auto-Login

Postby Egg » Tue May 21, 2013 9:58 pm

I just ran into something that has me totally confused. I've had a free Imageshack account (from years ago), and somehow, without typing any login credentials, just uploading an image will automatically log me into the account. This is after clearing cookies and making sure I don't have the user/pass saved in the browser. They even manage to pull it off under "Private Browsing" with NoScript enabled.

So how exactly are they doing this? Are they simply using IP addresses, or are they using some other sort of personal identifier?

Flyby Spud
User avatar
Posts: 223
Joined: Thu Aug 30, 2012 1:36 am
Location: Definitely Not Seattle, Washington

Re: Creepy Imageshack Auto-Login

Postby One Fan To Another » Sat Jun 15, 2013 5:19 am

Egg wrote:I just ran into something that has me totally confused. I've had a free Imageshack account (from years ago), and somehow, without typing any login credentials, just uploading an image will automatically log me into the account. This is after clearing cookies and making sure I don't have the user/pass saved in the browser. They even manage to pull it off under "Private Browsing" with NoScript enabled.

So how exactly are they doing this? Are they simply using IP addresses, or are they using some other sort of personal identifier?



Basically. It's like those user location map pages where simply loading the page adds your location to the map as a pin marker. When you upload the image the necessary pairing info is logged and the banked data that matches previous checks is reenacted.

Now, why someone would program an automated service to log you in after performing that check function is anyone's guest. I guess someone thought it was a convenience that customers would enjoy. But, regardless of how creepy it may seem to see it happen it's always been possible.

eBay does something similar if you add something to your watch list before you log in. It saves watched items in a temp state, then when you log in it adds them to you account page. In other words servers are logging your executed instructions at all times.

Going off topic: It's kinda' funny that everyone is losing their shit over the recent revelation that the NSA has been logging everyone's phone calls when private business has, since day one, been watching everyone's every move through purchase patterns, CC transactions, page instruction executions, e-mails, registrations, etc.

Oh, speaking of that I just yesterday got an e-mail from 2009. 2009! What, was it circling the f**king planet for four years, or something?

Return to Software / Applications

Who is online

Users browsing this forum: No registered users and 1 guest