I found a strange thing hidden on my page:
<div id="SiUnhdqlqHN9t7wB_tbstore_container" style="left: -2000px; top: -2000px; position: absolute;"> <param name="movie" value="http://tbupdate.zugo.com/ztb/2.5/jsi/man/fc.swf"/> <param name="allowScriptAccess" value="always"/>
EDIT: I see that it is in Chrome, and not just in IE, and I have all the improvements to finding web services, etc. disabled in advanced settings.
EDIT: I looked at the markup on a PC not in the office, and Zugo was gone. Perhaps only the PCs or browsers on my PC in the office are affected.
STILL ANOTHER EDITING: This seems to be a StartNow search extension. I would like to know how it was installed on my PC at work.
I would use this grid to track the data that will be covered by HIPAA, and you need to know that privacy is not at risk. There should not be anything โcalling homeโ in this grid or on this page. Actually.
PROGRAMMING ASPECT OF QUESTION: If allowScriptAccess is set to "always", can this SWF see everything in the DOM? And if the identifier changes, is there any way for me to โkillโ it using javascript?
source share