Re: Automatic Entry and Forms

Lee Shombert (las@severn.wash.inmet.com)
Mon, 26 Feb 1996 10:50:50 -0500


Message-Id: <9602261550.AA06274@severn.wash.inmet.com>
To: www-html@w3.org
In-Reply-To: <199602261456.IAA05929@predator.urbana.mcd.mot.com> (preece@predator.urbana.mcd.mot.com)

The discussion to date has focused on unscrupulous browsers.  Implementation
of this "standard" has more serious implications.

In order to implement automatic entry, you must have a personal database
that is accessible in a known way.  Any program, not just a browser, will be
able to read this database.  Therefore, any program you run has immediate
access to a great deal of personal information.  All programs today
(especially on a PC) have access to your entire disk, but trying to ferret
out useful personal information from an entire disk is difficult at best,
and possibly impossible.

Once you have a www personal database standard, however, programs no longer
have to hunt for information, or guess at where it might be.  A simple
lookup operation returns everything they want to know.  We worry about
browsers having this information because they are obviously communicating
across the net and can therefore transmit this data without knowledge of the
user.  But software to send a message out onto the network is easy to write -
the next game, or paint program, or text editor, or screen saver you run
could read your personal info and, if you're connected to the net, transmit
it.

The danger in the automatic entry for forms is not in the browser actions
but in the fact that everyone will be encouraged to expose private
information to every program, trusted or otherwise, that runs on their
machine.

I originally saw no harm in this proposal, but now I find it insidious.  

                                                  Lee Shombert