out whose server and the location of the server a person used to get on the Internet, whether his computer is Windows or DOS based, and also the Internet browser that was used. This is the only information that can be taken legally. However, it can safely be assumed that in some cases much more data is actually taken (1). These are just a few of the many ways for people to find out the identity of an individual and what they are doing when on the Internet. One of the most common ways for webmasters to find out information about the user is to use passive recording of transactional information. What this does is record the movements the user had on a website. It can tell where the user came from, how long he stayed, what files he looked at, and where he went when he left. This information is totally legal to obtain, and often the webmaster will use it to see what parts of his site attracts the most attention. By doing this, he can improve his site for the people that return often (Boyan, Codel, and Parekh 2). There is a much more devious way that someone can gain access to information on a user's hard-drive. In the past, the user did not need to be concerned about the browser he used; that changed when Netscape Navigator 2.0 was introduced. Netscape 2.0 takes advantage of a programming language called Java. Java uses the browser to activate programs to better enhance the website the user was viewing. It is possible for someone to write a program using Java that transfers data from the user's computer back to the website without the user ever being aware of anything being taken. Netscape has issued new releases that fix some but not all of the two dozen holes in the program (Methvin 3). Many people do not realize that they often give information to websites by doing something called direct disclosure. Direct disclosure is just that, the user gives the website information such as their e-mail address, ...
