| I don't have anything to hide- but a malicious attacker could easily cause me to. Step One: Maliciously cause the target to click on a link or open a url (Phishing, Exploit, RFE, XSS etc) Step Two: With JS, one can easy introduce HTTP connections to any number of websites, such as maybe the Taliban's official website (They have one!), Google Searches for (to think of a few) "Gaziantep Places to Stay", "Turkey Flights", "Opposition to the Kuffar at home", "Dabiq Magazine", "how to join the Khalifah" etc This could easily be done in a realisic appearing manner, especially to ISP/GCHQ filters and alerts. Step Three: If any of this tallies with any physical activity (Let's say the target wanted to go Clay Pigeon Shooting, or Visited a Gun Club because he has in interest in .22 target shooting), then they have a case. Sure, it's defendable, and this is a really simplistic example. But it's basically ruined the target's life. Remember, it's probably not the "Government" doing this, as this info will be leaked. EDIT: heck, I'll be stuffed- I tend to actively visit /r/combatfootage... |