<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Nov 17, 2016, at 5:18 PM, gregrwm <<a href="mailto:tclug1@whitleymott.net" class="">tclug1@whitleymott.net</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr" class="">
<div id="gmail-m_703320877085808208divtagdefaultwrapper" style="font-family: calibri, arial, helvetica, sans-serif; font-size: 12pt;" dir="ltr" class="">What I am really wondering here is how the full exact query was captured and then repeated by a 3rd party out in the wild. The implications are kind of scary.<br class=""></div></div></blockquote><div class=""><br class=""></div><div class="">scary = prefer not to think about. an understandable, and ubiquitous preference. which leaves leagues of leeway for such activity to accrete.<br class=""></div><div class=""><br class=""><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="overflow-wrap: break-word;" class="">Then
I would suspect there’s a packet sniffer out there on an infected
computer (not necessarily yours) that is getting this information via
WiFi… Of course, that means your laptop is on WiFi phoning home.<br class=""></div></blockquote><div class=""><br class=""></div><div class="">could be anywhere, eg modem, or at the provider<br class=""></div></div></div></div></div></div></div>
</div></blockquote><div><br class=""></div><div>Which is why sending it over HTTPS and as a POST is a better idea.</div><div><br class=""></div><div>The host name could even be maintained in a host file or on a private DNS server so that the domain isn’t even public… although that would be part of the transmission packet header.</div></div></body></html>