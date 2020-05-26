see article for further details.
Fraud is a big issue for the etailer, but there are privacy and consent concerns too...
Maybe we should get rid of our computers altogether and let Ebay AI logarithms decide to sell us what goods and when and at what price and automatically deduct the money from our bank accounts. Then they could take responsibility for all the scams which take place on their website.
As long as they protect their sources of income, they don't seem to be too much concerned about protecting our sources of expenditure, our privacy and our consent. Perhaps they need to get it the other way round...or be forced by law to do so.
Dougie.
Users visiting eBay have spotted that the website runs port scans against their computer, using the localhost address to inspect what may be running on your machine.
Fraud is a big issue for eBay and if the purpose of scanning for remote-access ports is an attempt to detect criminals logged into a user's computer in order to impersonate them on the tat bazaar, it could have some value. The behaviour, however, was described as "clearly malicious" by security researcher Charles Belmer.
The script attempts WebSocket connections to a number of ports, including 3389 (Microsoft remote desktop), 5931 (Ammy Admin remote desktop), 6333 (VNC remote connection), 7070 (realAudio and Apple QuickTime streaming) and more. The script is running locally so it is not testing for ports exposed to the internet, but rather for what is running on your local network. The port scanning script does not always run. We have only seen it run on Windows, and normally only on the first visit to eBay after some unspecified period.
The script used by eBay, or its partner LexisNexis, to scan ports on your computer
