I had been discussing a problem that I noticed with a friend and he started a discussion at the MacFixit board. This seems to be of interest to nearly anyone who is burning CDs with OS 9.x, so thought I would post it here. The problem is that when burning a CD, the host machine's Desktop DB file is transferred to the resulting CD. I took the opportunity to open one of these files using Can Opener, and was amazed to see that, in some cases, there are literally hundreds of URLs in the desktop DB file. Some contain sensitive information, such as hotmail log-in information, visits to competitor's sites (as I fortunately discovered before delivering a CD to a client)...just about anything. Even when the desktop file is deleted and rebuilt, the URLs (maybe not all of them after a rebuild) are back.
I wonder how many people know that they are distributing CDs that they have burned, that could contain hundreds of URLs that they had previously visited? To me, this is clearly a security issue, and one that needs to be looked at. Until some sort of fix is developed, I would caution people to examine the desktop DB files on any CDs that they plan to distribute.
By the way, I live in a place that has a lot of pirated software for sale (Thailand). Recently, I looked at one of these CDs, opened the desktop db file, and there is was: the hotmail address of the guy who was burning the pirated CDs!
Would appreciate any suggestions, as I have exhausted all ideas on how to fix this problem.
Here is the link for the MacFixit discussion---you will note that the guys from MicroMat (TechTool) have taken an interest in this, so maybe they will include some kind of desktop db "washing" tool in a future techtool release: