The conspiracy of "tracking cookie" paranoia, page 2
Pages: <<  1    2    3    4  >>
ATS Members have flagged this thread 6 times


reply posted on 16-5-2007 @ 10:44 PM by tyranny22
Originally posted by SkepticOverlord
In my mind, there's a great deal of misinformation about cookies throughout the Internet, and most of is inaccurate hype being generated by anti-spyware/virus firms, or those with an interest in anti-spyware/virus firms. So... a potential corporate conspiracy of sorts.

So... before I get into my side of the story, I'd like to hear from some ATS members about their thoughts on "tracking cookies."


From my earlier thread about Google's pending patent, you already know that I am ignorant to tracking behaviors. I honestly had never researched "cookies" before now. I thought they were some sort of scripting allowing browsers to remember passwords and had something to do with websites/pictures/ads.

In their currently form, I take it that cookies provide no threat to your personal information stored on your computer or in your brower? Also, are they a general form of tacking, rather than specific to individual?

With modification would "super-cookies" (for lack of better term) be able to retreive such sensitive information or could they be altered to track specific persons browsing the internet? Rather than a page logging that a certain cookie has been there, could stored "super-cookies" actually send out information about every site that you visit?

It just makes me wonder what method of tracking the government and Google will be using. Would they be able to create such a "super-cookie", or would this mainly be done by programs specifically designed to do so?

[edit on 16-5-2007 by tyranny22]


reply posted on 17-5-2007 @ 07:03 AM by SkepticOverlord
Originally posted by tyranny22
With modification would "super-cookies" (for lack of better term) be able to retreive such sensitive information or could they be altered to track specific persons browsing the internet?

No. Cookies are simple text files written by the web server (or in-page JavaScript), and can only be read by the domain from which they're written. With those parameters, the only way a cookie can possibly represent anything about you personally is if you volunteer personal information to the site writing the cookie, and their practices are sloppy enough to write that information into their cookies.



Originally posted by Vasilis Azoth
But anyway, I can't explain the potential for abuse as effectively as these sites:

www.cookiecentral.com...

www.informit.com...

Most of the information at those links are repeat misinformation popularized by the firms who create "security software" that delete your cookies for you.

One of the arguments at the first link is that "the cookie is stored in the user's computer without her consent or knowledge." This is not true, and part of the environment of paranoia the software firms would like to generate. Cookies have been a clearly communicated component of web browsers since Netscape 0.9b (which I helped beta test).

One point at the second link deserves merit, the issue of potential XSS attacks to discover cookie data. While this is indeed a possibility, it's actually very rare and exceptionally difficult to do without some level of "inside" information about the site a hacker is trying to exploit. This is why such hacks end up being more mischievous exploits on users of blogs and forums based on open source systems. The system ATS is based on (XMB) was vulnerable to this, but one minor alteration to the default code, and it no longer is.

Another "concern" at the second link is that a cookie from DoubleClick could be used to store your browsing history. Yes, this is possible (though DoubleClick doesn't do it that way any more), however, your ISP now tracks your browsing history in complete detail... and they're not telling you they're doing it. And while we're on personal history, do you have any grocery store discount cards?



Originally posted by Badge01
Also, just because it's hard to use cookies beyond tracking, unscrupulous cookie issuers will find a way around the limitations and the next thing there goes the neighborhood.

I've been programming server-side code that writes and reads cookies since it was possible to write and read cookies. Given the massive numbers of talented and unscrupulous people programming web pages, don't you think we'd have a clear example of cookie abuse by now? But all we really have are artificial concerns created by software firms.



reply posted on 17-5-2007 @ 11:16 AM by SkepticOverlord
Originally posted by Flyer
Because they offer no use to the end user and people value their privacy.


Let's start by having a look at the current policies of the firm most-often associated with "cookie evilness," the firm currently with the resources available to perform cookie-based user-tracking, and the firm Google is buying: DoubleClick:
www.doubleclick.com...
What is the DoubleClick cookie doing on my computer?
The information that the DART cookie helps to give marketers includes the number of unique users their advertisements were displayed to, how many users clicked on their Internet ads or paid listings, and which ads or paid listings they clicked on.

What information is collected by a client using DoubleClick’s ad serving technology?
the date, the time, the website to which the ad or image was delivered, the cookie ID to which the ad was shown, the operating system which the browser was using – will be recorded.

Does DoubleClick itself do anything with this ad-serving information?
No. The information that is recorded on the DoubleClick servers by our clients’ use of our technology belongs to our clients.

Does DoubleClick sell the ad serving information to other companies?
No. The data that DoubleClick’s servers record during ad serving belong to DoubleClick’s clients, and DoubleClick cannot and does not sell that information to other companies.


Now, DoubleClick was indeed involved in trying to build a contextually-aligned database of user activity back in the late 1990's, and that has been the catalyst of much of the contemporary cookie hype (back then, I stopped using them because of it). However, after pressure from many sources, including industry groups like the DMA and IAB, firms like DoubleClick no longer attempt to profile users based on their site history. They use their cookies to keep track of which ads you see, and use the audience psychographics/demographics of the site you're visiting to target the right ad.


It didnt help that these companies were tracking you without your knowledge,

Not quite true. At the time DoubleClick attempted their effort of profiling users based on browsing patterns (on sites that served DART ads), they were very public about what they were trying to do, how they were trying to do it, and what the intended outcome was. Most people didn't like it... but to be fair, there was a substantial amount of information made public about it.


But still... in the end... after all that... assuming the deep tracking is happening... what is so terrible about a random ID code, not identifiable to you, correlating to a partial list of sites you've visited? Maybe it's just me, but in the vast spectrum of contemporary privacy intrusions, this is spectacularly minor... if that.


reply posted on 17-5-2007 @ 12:43 PM by NJStomp
I would worry more about Index.dat then Cookies if you use IE. This file keeps a record of every single website you have visited and most people are not able to delete it. If you want to delete it you need to end Explorer from Task Manager and map to the file through Command Promt. You can then delete it and then restart explorer from Task Man.

"Internet privacy groups contend that the use of index.dat files in the Windows operating system is an invasion of privacy. One of their main complaints is that the index.dat files cannot be deleted or erased easily, because they are always open when Windows (usually the explorer.exe process) is running. Open or "locked" files cannot be deleted in any way when the process using them is running. Also, when this file grows larger than 80MB in size degraded web performance will occur.

Another contention is that the operating system gives a false sense of security. Even after the user has cleared the internet cache folder, temporary internet files folder, and history folder, the index.dat files on Windows continue to store all visited web addresses and cookies and some temporary files. Some people state that this will eventually cause the index.dat files to grow very large, while the average user remains unaware of what is going on.

However, Microsoft representatives have pointed out that the index.dat files can optionally be deleted by advanced users, when Windows is rebooted in Safe Mode. Because Windows does not lock the file in safe mode, it can be deleted via any of the normal methods of deleting files in Windows."

en.wikipedia.org...
Pages: <<  1    2    3    4  >>    ^^TOP^^