Is everything we are doing pointless?

One day my dad called me for me to see something, he showed me that he could see the entire customer’s screen, everything he was doing on the website, he could see if he took a screenshot what tabs he had opened, what applications he had on his task bar and so on. My dad could also see a recording of what a customer is doing on the company’s webpage with their phone. To sum it up, it’s as if there were someone recording all you do on a webpage on your browser.

I feel like everything i’ve done is pointless, and i haven’t see anyone talk about webpages that record all your screen.

This is usually achieved by special software. There are several options.

  • AnyDesk, TeamViewer etc. - SW you have to install and give permission to other person use it (ID + PIN). It’s used for different purposes.
  • Device Management - usually used by companies to allow manage tenths and hundereds of devices in the company network remotely and easily.
  • Something like BeEF - that’s why is important to keep browser updated
  • Sophisticated (maybe targeted) attack with malicious spyware - highly unlikely for a normal person
1 Like

CSS @media wants to know your screen sizes.

I dunno who said this that JS is the only way people can track you. Maybe Stallman I don’t know for sure.
I don’t know if this statement will be considered blasphemy by Stallman but I will say this, there are plenty of ways to track you without using JS.

Websites can see a lot of things, but rest assured, browsers are not designed so poorly that they can actually see the tabs and applications you have open (at least, not without shenanigans).

With that said, I do vaguely remember that website tabs can see and track what elements of the page you are interacting with. And of course, they can fingerprint you and uniquely identify you relatively easily.

Whether or not that’s alarming depends on your threat model, as always. For example, if you’re always logged in on a website, then it doesn’t really matter that the site can tell that it’s always you via fingerprinting because it already knows that it’s you.

As the others have said, this is most definitely done through special software. I’ve seen a similar setup in the past.

I wouldn’t worry too much.

Some of this can be done with javascript on javascript enabled sites. Putting in tracking pixels and so on to know what paths users are predominantly taking to get to something else is very useful to know what does and doesn’t work in say web app or mail campaign design. As long as it doesn’t include exact person info or stuff that leads to that like storing IP address or web browser fingerprinting I don’t have much problem with that.
A lot of evils come from over use of analytics and gathering and sending too much data to those on the grounds that maybe it will be useful to the app creators or business in the future. Especially if that info is not scrubbed sufficiently of user identifying information. Even more so if it goes to some anlytics providing company like Google that is known to hoover up information for its own purpose quite aside from the why you interacted with some webapps and sites.

But some of this is paranoid crap. There is nothing I have every encountered in javascript that allows a mere webapp to access your entire screen including outside the web browser. Full screenshot/recording is not a webapp available technology in my experience.