Loading ...
Sorry, an error occurred while loading the content.

Re: [RLC-National] Stealthy Snoopers

Expand Messages
  • westmiller@aol.com
    ... Web Beacons are simply shared cookie information. This kind of monitoring has been done for a decade, since every computer must have a unique internet
    Message 1 of 2 , Dec 12, 2004
    • 0 Attachment
      >Yahoo is now using something called "Web Beacons" to track Yahoo Group
      >users around the net and see what you're doing and where you are going
      >-- similar to cookies. Yahoo is recording every website and every group
      >you visit. Notice that they did not alert you to this snooping, but they
      >hoped you wouldn't find out about it.
       
      "Web Beacons" are simply shared cookie information. This kind of
      monitoring has been done for a decade, since every computer must
      have a unique internet address ... you can't get anywhere without it.
      Yahoo does *not* record every website you visit ... only those that
      are owned by Yahoo, or Yahoo partners, that you chose to visit from
      a particular computer. Every browser program also provides - as a
      standard packet - information on where you have visited previously.
      There's been a great to-do about this, labeling it as "footprints" that
      jeopardize your privacy (you can clear your "footprints" as often as
      you like.
      Bottom line: there's nothing secret or sinister about cookies or the
      browser data that's retrieved. It's part of what makes the internet
      both convenient and useful. If you don't want that information made
      available to any web hosts, turn off your computer.
       
      Bill
      PS: Cross-posting to batches of eGroups is *strongly discouraged*.
      Direct messages to the appropriate eGroup, based on the purpose
      that's described on their home page.
      BTW: The RLC websites do not currently use cookies, but when
      we have implemented custom member login, they will.
       
    • Clay Bond
      ... True, though incomplete. Here are the facts, including those you left out of your message. HTTP is a stateless protocol. This means that every time you
      Message 2 of 2 , Dec 12, 2004
      • 0 Attachment
        westmiller@... wrote:

        > "Web Beacons" are simply shared cookie information. This kind of
        > monitoring has been done for a decade, since every computer must
        > have a unique internet address ... you can't get anywhere without it.
        > Yahoo does *not* record every website you visit ... only those that
        > are owned by Yahoo, or Yahoo partners, that you chose to visit from
        > a particular computer. Every browser program also provides - as a
        > standard packet - information on where you have visited previously.
        > There's been a great to-do about this, labeling it as "footprints" that
        > jeopardize your privacy (you can clear your "footprints" as often as
        > you like.
        > Bottom line: there's nothing secret or sinister about cookies or the
        > browser data that's retrieved. It's part of what makes the internet
        > both convenient and useful. If you don't want that information made
        > available to any web hosts, turn off your computer.

        True, though incomplete. Here are the facts, including those you left
        out of your message.

        HTTP is a stateless protocol. This means that every time you click on a
        link, even if it's to another page on the same site, it is to the server
        independent of all other requests for web pages. With HTTP (and
        therefore HTML) alone, you cannot customize the appearance of a web
        site, use a shopping cart, nothing that requires that the server
        "remember" who you are or what you have clicked on.

        Enter cookies. Cookies are text files that are used as the server's
        surrogate memory, if you will. Put something in your shopping cart on
        that site and it gets written to a cookie and stored on your machine.
        When you click the checkout button, the server asks for your cookie and
        reads the contents to the shopping cart.

        Objectively speaking, cookies are necessary and not evil privacy
        violations. You are correct there.

        However, as the programmer for site X, I can write anything I want to a
        cookie. That includes anything you type into any form on my site, any
        page you access, any link you click on, your IP -- and yes, I can write
        your credit card number and expiration date to a cookie. I can also use
        active x scripting to search your machine for anything I like and find
        it, then write that information to a cookie and store it on your machine.

        Cookies all by themselves are not evil, but they can be used in evil
        ways. Easily. Very easily.

        I can make a deal with other businesses. I can, for a fee, tell them the
        name and location of the cookie I store on your machine so they can pull
        it, and all the information there, if you visit their sites. These are
        known as third-party cookies. Lots of businesses do this.

        Web beacons are next generation third party cookies, used because of
        those pesky folks who have enough sense to delete cookies, or better,
        use cookie filtering and blocking programs. The fact that they want to
        collect information from people who have taken pains to prevent such
        information from being collected is, objectively speaking, obnoxious.

        You can, of course, block all cookies (though that won't block web
        beacons), but you lose all kinds of functionality if you do. If you are
        concerned about cookies and privacy, clear your cookies every day from
        all browsers you use, start using Firefox, which allows you more control
        over cookie management, and perhaps the best suggestion of all, download
        a free program called anonymous cookie, which solves the whole thing by
        scrambling any personal information stored in cookies.

        At any rate, cookies shouldn't be your main concern. Adware, spyware and
        trojans should be. It's every bit as easy to create a RAT (Remote Access
        Trojan) and wrap it in a flash app on a web page so that when you
        download and run it, I have complete access to your machine. Extremely
        easy to do, believe me, and you don't have to be able to write a single
        line of code to do it.

        If you're concerned about security, in addition to a firewall, you need
        to run (and update daily):

        AdAware
        Spybot
        TDS-3
        A good virus program, like Symantec

        And if you use outlook, you're just begging for an infection. NS has a
        memory leak you could drive a freight train through. Use Eudora or
        Thunderbird (better than Eudora, great spam filtering, and works like a
        charm with Exchange).



        --
        "Say no to handguns and exploitation! Antonin Scalia is a tool of the
        asbestos industry! We demand the U.S. get out of Oakland!!! Since
        1964, tens of billions of rainforests have been discriminated against
        in Tel Aviv!!"
        --Autorantic Virtual Moonbat
      Your message has been successfully submitted and would be delivered to recipients shortly.