Re: [RLC-National] Stealthy Snoopers
- DGHarrison@... writes:>Yahoo is now using something called "Web Beacons" to track Yahoo Group
>users around the net and see what you're doing and where you are going
>-- similar to cookies. Yahoo is recording every website and every group
>you visit. Notice that they did not alert you to this snooping, but they
- westmiller@... wrote:
> "Web Beacons" are simply shared cookie information. This kind ofTrue, though incomplete. Here are the facts, including those you left
> monitoring has been done for a decade, since every computer must
> have a unique internet address ... you can't get anywhere without it.
> Yahoo does *not* record every website you visit ... only those that
> are owned by Yahoo, or Yahoo partners, that you chose to visit from
> a particular computer. Every browser program also provides - as a
> standard packet - information on where you have visited previously.
> There's been a great to-do about this, labeling it as "footprints" that
> jeopardize your privacy (you can clear your "footprints" as often as
> you like.
> Bottom line: there's nothing secret or sinister about cookies or the
> browser data that's retrieved. It's part of what makes the internet
> both convenient and useful. If you don't want that information made
> available to any web hosts, turn off your computer.
out of your message.
HTTP is a stateless protocol. This means that every time you click on a
link, even if it's to another page on the same site, it is to the server
independent of all other requests for web pages. With HTTP (and
therefore HTML) alone, you cannot customize the appearance of a web
site, use a shopping cart, nothing that requires that the server
"remember" who you are or what you have clicked on.
Enter cookies. Cookies are text files that are used as the server's
surrogate memory, if you will. Put something in your shopping cart on
that site and it gets written to a cookie and stored on your machine.
When you click the checkout button, the server asks for your cookie and
reads the contents to the shopping cart.
Objectively speaking, cookies are necessary and not evil privacy
violations. You are correct there.
However, as the programmer for site X, I can write anything I want to a
cookie. That includes anything you type into any form on my site, any
page you access, any link you click on, your IP -- and yes, I can write
your credit card number and expiration date to a cookie. I can also use
active x scripting to search your machine for anything I like and find
it, then write that information to a cookie and store it on your machine.
Cookies all by themselves are not evil, but they can be used in evil
ways. Easily. Very easily.
I can make a deal with other businesses. I can, for a fee, tell them the
name and location of the cookie I store on your machine so they can pull
it, and all the information there, if you visit their sites. These are
known as third-party cookies. Lots of businesses do this.
Web beacons are next generation third party cookies, used because of
those pesky folks who have enough sense to delete cookies, or better,
use cookie filtering and blocking programs. The fact that they want to
collect information from people who have taken pains to prevent such
information from being collected is, objectively speaking, obnoxious.
You can, of course, block all cookies (though that won't block web
beacons), but you lose all kinds of functionality if you do. If you are
concerned about cookies and privacy, clear your cookies every day from
all browsers you use, start using Firefox, which allows you more control
over cookie management, and perhaps the best suggestion of all, download
a free program called anonymous cookie, which solves the whole thing by
scrambling any personal information stored in cookies.
At any rate, cookies shouldn't be your main concern. Adware, spyware and
trojans should be. It's every bit as easy to create a RAT (Remote Access
Trojan) and wrap it in a flash app on a web page so that when you
download and run it, I have complete access to your machine. Extremely
easy to do, believe me, and you don't have to be able to write a single
line of code to do it.
If you're concerned about security, in addition to a firewall, you need
to run (and update daily):
A good virus program, like Symantec
And if you use outlook, you're just begging for an infection. NS has a
memory leak you could drive a freight train through. Use Eudora or
Thunderbird (better than Eudora, great spam filtering, and works like a
charm with Exchange).
"Say no to handguns and exploitation! Antonin Scalia is a tool of the
asbestos industry! We demand the U.S. get out of Oakland!!! Since
1964, tens of billions of rainforests have been discriminated against
in Tel Aviv!!"
--Autorantic Virtual Moonbat