Abusing HTTP Status Codes to Expose Private Information | Mike Cardwell, Online

This is pretty amazing. With a few lines of JavaScript it is possible to test if you are logged on at a number of popular web sites, such as Facebook, Gmail and Twitter. It works by requesting certain pages on these sites and analysing the HTTP return codes. The requested pages are accessible or inaccessible depending on whether a user is logged on or not. They thus give different status codes depending on their accessibility. Pretty clever and pretty scary!
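Seen from the server side, the leak is a status code that depends on the session cookie even when another site triggered the request. The sketch below is an added example, not code from the linked article: it models a leaky handler next to one that answers cross-site subresource requests uniformly using the browser's Fetch Metadata headers. The route, cookie name `sid`, session id and function names are constructed for illustration.

```javascript
// Constructed sample data: one valid session id in a toy session store.
const SESSIONS = new Set(["sess-abc123"]);

// Parse a Cookie header into an object; tolerates a missing or empty header.
function parseCookies(header = "") {
  return Object.fromEntries(
    header.split(";").map(p => p.trim()).filter(Boolean).map(p => {
      const i = p.indexOf("=");
      return i < 0 ? [p, ""] : [p.slice(0, i), p.slice(i + 1)];
    })
  );
}

function isLoggedIn(req) {
  return SESSIONS.has(parseCookies(req.headers.cookie).sid);
}

// Leaky: the status depends only on whether a valid session cookie arrived,
// so any page that can trigger the request can observe the login state.
function leakyStatus(req) {
  return isLoggedIn(req) ? 200 : 403;
}

// Hardened: a cross-site request that is not a top-level navigation gets one
// fixed status before the session is consulted.
function hardenedStatus(req) {
  const h = req.headers;
  const topLevelNav =
    h["sec-fetch-mode"] === "navigate" && h["sec-fetch-dest"] === "document";
  if (h["sec-fetch-site"] === "cross-site" && !topLevelNav) return 403;
  return isLoggedIn(req) ? 200 : 403;
}

// Constructed request as a browser would send it for a cross-site <img>.
function crossSiteSubresource(cookie) {
  return { method: "GET", url: "/account/settings", headers: {
    cookie, "sec-fetch-site": "cross-site",
    "sec-fetch-mode": "no-cors", "sec-fetch-dest": "image" } };
}

// True when logged-in and logged-out visitors get different statuses.
function leaksLoginState(handler) {
  return handler(crossSiteSubresource("sid=sess-abc123")) !==
         handler(crossSiteSubresource(""));
}

console.log("leaky:", leaksLoginState(leakyStatus),
            "hardened:", leaksLoginState(hardenedStatus));
```

Marking the session cookie `SameSite=Lax` or `Strict` gives a similar result, because the browser then does not attach the cookie to cross-site subresource requests.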
