while reading the Let’s Create The First SAFE Web! topic, I had this evil tought:
“what if I put a simple Google Analytics snippet on my safe website?”
In this case, can I de-anonymize chrome/firefox (with the plugin/extension) viewers? As the plugin won’t stop http/https connections, I think I can.
Even if JS is disabled, I can also track viewers by adding an image tag pointing to a server of mine (eg:
<img src="http://myserver.com/track.jpg">), which I’ll use to record all IPs accessing the page.
Using this technique, a government can create honeyspots blogs to track possible dissident readers.
Is that a real concern or I’m missing something?
EDIT: I’ve changed the title from “IP leaking / De-anonymizing SAFE websites viewers”, because the topic is related specifically to the Firefox plugin.