Discussion of last night's 20/20 program

Discussion of last night's 20/20 program

Post by Bridg » Tue, 30 Nov 1999 04:00:00



Did anyone else see last night's 20/20 program.
It dealt with security on the net, mainly with being followed by programs
using cookies.
What are you doing about it? Upgrading browser security?
Are there good shareware or freeware programs which people are using?
Thanks.
 
 
 

Discussion of last night's 20/20 program

Post by Gary Woodruf » Tue, 30 Nov 1999 04:00:00


I am a long time user of the Anonymous Cookie which lets the site
download a Cookie but never lets them find it again.  Unfortunately I
can no longer find them on the web anymore.  The full Name was
Luckman's Anonymous Cookie.  The version I use is 1.0b9.  You can find
the program for download at various sites, but they are older
versions.  I would like to find out if they still are in business.

The other program I use to clear house once in a while is Cookie
Cruncher.  I blow away anything I don't want to keep on both IE and
Netscape.  Between the two I have not received a Spam on my main
account in over a year.

I am also pretty careful where I go and with who I do business on the
web and scrub the Cookies immediately after a session where I have
went to a site that is new and I don't plan to return.
--
Gary Woodruff

"That'll be the day" -   John Wayne in The Searchers


Quote:> Did anyone else see last night's 20/20 program.
> It dealt with security on the net, mainly with being followed by
programs
> using cookies.
> What are you doing about it? Upgrading browser security?
> Are there good shareware or freeware programs which people are
using?
> Thanks.


 
 
 

Discussion of last night's 20/20 program

Post by Richard G. Harpe » Tue, 30 Nov 1999 04:00:00


I didn't see the show, but I can imagine what was said.  Most of it was
probably inaccurate.  :-)

A cookie is used to store information about you for a particular Web site.
It may hold personalization information (say, for a news site that you've
customized so you see only the news you want) or may track areas you've
visited at that Web site.  It may track advertising links you've followed
from their site.  Once a cookie is created, it can only be accessed by the
site that created it on your computer.  No one else's Web site can see your
cookies or read information from them - only the one single site that put it
there.

Cookies CANNOT, WILL NOT, and NEVER WILL:

(1) Allow someone to track where you go anywhere on the Internet
(2) Allow someone to view your personal information stored in them
(3) Secretly remove private information from your computer for someone else
to view
(4) Give others access to your computer

--

* NOTE - Private EMail is generally not replied to.  Please post all
* questions and comments in the newsgroup so all can benefit.


Quote:> Did anyone else see last night's 20/20 program.
> It dealt with security on the net, mainly with being followed by programs
> using cookies.
> What are you doing about it? Upgrading browser security?
> Are there good shareware or freeware programs which people are using?
> Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Greg Moye » Tue, 30 Nov 1999 04:00:00


I agree with Richard.  People have so much fear of cookies....  When there
are far worse things to fear.  Like your open netbios ports bound to your
client and dial-up adapter or network card.



> I didn't see the show, but I can imagine what was said.  Most of it was
> probably inaccurate.  :-)

> A cookie is used to store information about you for a particular Web site.
> It may hold personalization information (say, for a news site that you've
> customized so you see only the news you want) or may track areas you've
> visited at that Web site.  It may track advertising links you've followed
> from their site.  Once a cookie is created, it can only be accessed by the
> site that created it on your computer.  No one else's Web site can see
your
> cookies or read information from them - only the one single site that put
it
> there.

> Cookies CANNOT, WILL NOT, and NEVER WILL:

> (1) Allow someone to track where you go anywhere on the Internet
> (2) Allow someone to view your personal information stored in them
> (3) Secretly remove private information from your computer for someone
else
> to view
> (4) Give others access to your computer

> --

> * NOTE - Private EMail is generally not replied to.  Please post all
> * questions and comments in the newsgroup so all can benefit.



> > Did anyone else see last night's 20/20 program.
> > It dealt with security on the net, mainly with being followed by
programs
> > using cookies.
> > What are you doing about it? Upgrading browser security?
> > Are there good shareware or freeware programs which people are using?
> > Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Serenit » Tue, 30 Nov 1999 04:00:00


Looks like they aren't.. see:

http://cards.webby.com/luckman.htm

--
*************************


> I am a long time user of the Anonymous Cookie which lets the site
> download a Cookie but never lets them find it again.  Unfortunately I
> can no longer find them on the web anymore.  The full Name was
> Luckman's Anonymous Cookie.  The version I use is 1.0b9.  You can find
> the program for download at various sites, but they are older
> versions.  I would like to find out if they still are in business.

> The other program I use to clear house once in a while is Cookie
> Cruncher.  I blow away anything I don't want to keep on both IE and
> Netscape.  Between the two I have not received a Spam on my main
> account in over a year.

> I am also pretty careful where I go and with who I do business on the
> web and scrub the Cookies immediately after a session where I have
> went to a site that is new and I don't plan to return.
> --
> Gary Woodruff

> "That'll be the day" -   John Wayne in The Searchers



> > Did anyone else see last night's 20/20 program.
> > It dealt with security on the net, mainly with being followed by
> programs
> > using cookies.
> > What are you doing about it? Upgrading browser security?
> > Are there good shareware or freeware programs which people are
> using?
> > Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Gary Woodruf » Tue, 30 Nov 1999 04:00:00


Richard

I differ a little here.  One the people that were on the show were not
the usual ones they roll out for these shows.  They were talking about
how the individual company that set the cookie has been accumulating
information and then using it.  I know that their taking control over
your computer is not possible, but then again you were never supposed
to be able to get a virus unless you opened an attachment or ran a
file before Bubbleboy.  They were talking about new issues that have
come up with the increasing complexity and therefore new security
holes this creates.  They were also talking about renegade sites not
so much the ones associated with normal business on the web.

I also had repeated Spam problems until I started watching the cookies
on my system.  Now it may be impossible, and it may have been a total
coincidence that the Spam stopped, but it did stop.  I wish I could
say the same for my new Netscape E-mail account.  It is a regular Spam
breeder.  I have learned to never say never when it comes to
computers. I also do not need cookies to help my web experience.  Some
sites would not let me in unless they were allowed to set cookies, so
I let them.  They are rendered useless by Anonymous Cookie.  I get
along just fine without them.
--
Gary Woodruff

"That'll be the day" -   John Wayne in The Searchers



> I didn't see the show, but I can imagine what was said.  Most of it
was
> probably inaccurate.  :-)

> A cookie is used to store information about you for a particular Web
site.
> It may hold personalization information (say, for a news site that
you've
> customized so you see only the news you want) or may track areas
you've
> visited at that Web site.  It may track advertising links you've
followed
> from their site.  Once a cookie is created, it can only be accessed
by the
> site that created it on your computer.  No one else's Web site can
see your
> cookies or read information from them - only the one single site
that put it
> there.

> Cookies CANNOT, WILL NOT, and NEVER WILL:

> (1) Allow someone to track where you go anywhere on the Internet
> (2) Allow someone to view your personal information stored in them
> (3) Secretly remove private information from your computer for
someone else
> to view
> (4) Give others access to your computer

> --

> * NOTE - Private EMail is generally not replied to.  Please post all
> * questions and comments in the newsgroup so all can benefit.



> > Did anyone else see last night's 20/20 program.
> > It dealt with security on the net, mainly with being followed by
programs
> > using cookies.
> > What are you doing about it? Upgrading browser security?
> > Are there good shareware or freeware programs which people are
using?
> > Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Scot » Tue, 30 Nov 1999 04:00:00


I saw the show and thought it was quite amusing that the ones they
interviewed about the "dangers" were hawking services to protect people.
Let's hear it for objectivity!
 
 
 

Discussion of last night's 20/20 program

Post by Scot » Tue, 30 Nov 1999 04:00:00


One other thing I noticed. They acted like Usenet newsgroups were
supposed to be private. Have people forgotten what an open forum of
discussion is all about? They seemed to make it sound like deja.com was
collecting info from newsgroups. What they were doing was searching
archived articles.
 
 
 

Discussion of last night's 20/20 program

Post by Anthony Giorgiann » Tue, 30 Nov 1999 04:00:00


Hello All

I'm not overly alarmed by this either. But I do like to keep my cookies
folder (and the temp internet folders) tidy. So I've set up two FINDS - one
for cookies and one for temp. internet- that I saved in a folder. I set each
find to search for modified items after a certain date. I run it weekly to
find all the new stuff, then I select any updates of stuff I want and then
hit invert selection and shift/delete. So the only things I have left are
those few older cookies I really want - like e*, deja etc. that help me
log in - and their updates. Once in a while (using info I got from this
site) I even go into DOS and wipe out the index in the cookie folder to
reset it. Works great! I use saved FINDS - My Docs, Favorites, etc., - for
doing backups too. Like it better than MS Backup.

I'm sure someone will repost if I'm doing something wrong.

Tony Giorgianni


> Richard

> I differ a little here.  One the people that were on the show were not
> the usual ones they roll out for these shows.  They were talking about
> how the individual company that set the cookie has been accumulating
> information and then using it.  I know that their taking control over
> your computer is not possible, but then again you were never supposed
> to be able to get a virus unless you opened an attachment or ran a
> file before Bubbleboy.  They were talking about new issues that have
> come up with the increasing complexity and therefore new security
> holes this creates.  They were also talking about renegade sites not
> so much the ones associated with normal business on the web.

> I also had repeated Spam problems until I started watching the cookies
> on my system.  Now it may be impossible, and it may have been a total
> coincidence that the Spam stopped, but it did stop.  I wish I could
> say the same for my new Netscape E-mail account.  It is a regular Spam
> breeder.  I have learned to never say never when it comes to
> computers. I also do not need cookies to help my web experience.  Some
> sites would not let me in unless they were allowed to set cookies, so
> I let them.  They are rendered useless by Anonymous Cookie.  I get
> along just fine without them.
> --
> Gary Woodruff

> "That'll be the day" -   John Wayne in The Searchers



> > I didn't see the show, but I can imagine what was said.  Most of it
> was
> > probably inaccurate.  :-)

> > A cookie is used to store information about you for a particular Web
> site.
> > It may hold personalization information (say, for a news site that
> you've
> > customized so you see only the news you want) or may track areas
> you've
> > visited at that Web site.  It may track advertising links you've
> followed
> > from their site.  Once a cookie is created, it can only be accessed
> by the
> > site that created it on your computer.  No one else's Web site can
> see your
> > cookies or read information from them - only the one single site
> that put it
> > there.

> > Cookies CANNOT, WILL NOT, and NEVER WILL:

> > (1) Allow someone to track where you go anywhere on the Internet
> > (2) Allow someone to view your personal information stored in them
> > (3) Secretly remove private information from your computer for
> someone else
> > to view
> > (4) Give others access to your computer

> > --

> > * NOTE - Private EMail is generally not replied to.  Please post all
> > * questions and comments in the newsgroup so all can benefit.



> > > Did anyone else see last night's 20/20 program.
> > > It dealt with security on the net, mainly with being followed by
> programs
> > > using cookies.
> > > What are you doing about it? Upgrading browser security?
> > > Are there good shareware or freeware programs which people are
> using?
> > > Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Gary Woodruf » Tue, 30 Nov 1999 04:00:00


What they suggested, and they did not prove this to my satisfaction,
was that Deja.com was actively marketing the information they
gathered.  I will bet the truth is there are people who are using
Deja.com as a resource and gleaning through an individuals post and
then selling this information to others.  You are absolutely right
that they seemed unaware that newsgroup use is public and you put
yourself on the public record when you participate in a newsgroup.
--
Gary Woodruff

"That'll be the day" -   John Wayne in The Searchers


Quote:> One other thing I noticed. They acted like Usenet newsgroups were
> supposed to be private. Have people forgotten what an open forum of
> discussion is all about? They seemed to make it sound like deja.com
was
> collecting info from newsgroups. What they were doing was searching
> archived articles.

 
 
 

Discussion of last night's 20/20 program

Post by Gary Woodruf » Tue, 30 Nov 1999 04:00:00


Thanks for the information.  Too bad but it looks like they are gone.
--
Gary Woodruff

"That'll be the day" -   John Wayne in The Searchers


> Looks like they aren't.. see:

> http://cards.webby.com/luckman.htm

> --
> *************************



> > I am a long time user of the Anonymous Cookie which lets the site
> > download a Cookie but never lets them find it again.
Unfortunately I
> > can no longer find them on the web anymore.  The full Name was
> > Luckman's Anonymous Cookie.  The version I use is 1.0b9.  You can
find
> > the program for download at various sites, but they are older
> > versions.  I would like to find out if they still are in business.

> > The other program I use to clear house once in a while is Cookie
> > Cruncher.  I blow away anything I don't want to keep on both IE
and
> > Netscape.  Between the two I have not received a Spam on my main
> > account in over a year.

> > I am also pretty careful where I go and with who I do business on
the
> > web and scrub the Cookies immediately after a session where I have
> > went to a site that is new and I don't plan to return.
> > --
> > Gary Woodruff

> > "That'll be the day" -   John Wayne in The Searchers



> > > Did anyone else see last night's 20/20 program.
> > > It dealt with security on the net, mainly with being followed by
> > programs
> > > using cookies.
> > > What are you doing about it? Upgrading browser security?
> > > Are there good shareware or freeware programs which people are
> > using?
> > > Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Malcolm Harpe » Wed, 01 Dec 1999 04:00:00


I agree with  you Ric* (2) - (4).  I think you're wrong on (1).
Cookies can be used somewhat to track you from site to site.  Not the
cookies that the main site places on your puter, but the cookies that the
ad banners place.

You go to site 123.com and view a page.  The page has banner at the top
that requests an image from sleazyadcompany.com.  The image request
includes the URL for the page you're viewing.  sleazyadcompany.com gives
you a cookie that includes an ID number.  They save that ID number along
with the page address you were viewing at 123.com.  You go to 456.com.  Hey
look they've also got a banner that contains an image request from
sleazyadcompany.com.  sleazyadcompany.com reads their cookie, gets the ID
number and saves the info that you've been to both 123.com and 456.com.

So what?  I think it's a small privacy issue.  They don't know your name or
where you are.  OTOH, this type of information is becoming a very valuable
commodity.  There is a booming trade in lists and databases that contain
nothing more than personal information about people collected without their
knowledge.  The profession of data mining, putting these lists together,
cleaning them up, improving them, is growing very quickly.  If you think
that sleazyadcompany.com isn't going to sell any info they've collected to
anyone who'll pay their price, you're mistaken.  They already do.

This is essentially my only problem with cookies.  It's why I still prompt
for persistent cookies.  And I add all ad banner addresses to my restricted
sites zone so their cookies are rejected silently.

--
Malcolm



> I didn't see the show, but I can imagine what was said.  Most of it was
> probably inaccurate.  :-)

> A cookie is used to store information about you for a particular Web
site.
> It may hold personalization information (say, for a news site that you've
> customized so you see only the news you want) or may track areas you've
> visited at that Web site.  It may track advertising links you've followed
> from their site.  Once a cookie is created, it can only be accessed by
the
> site that created it on your computer.  No one else's Web site can see
your
> cookies or read information from them - only the one single site that put
it
> there.

> Cookies CANNOT, WILL NOT, and NEVER WILL:

> (1) Allow someone to track where you go anywhere on the Internet
> (2) Allow someone to view your personal information stored in them
> (3) Secretly remove private information from your computer for someone
else
> to view
> (4) Give others access to your computer

> --

> * NOTE - Private EMail is generally not replied to.  Please post all
> * questions and comments in the newsgroup so all can benefit.



> > Did anyone else see last night's 20/20 program.
> > It dealt with security on the net, mainly with being followed by
programs
> > using cookies.
> > What are you doing about it? Upgrading browser security?
> > Are there good shareware or freeware programs which people are using?
> > Thanks.

 
 
 

Discussion of last night's 20/20 program

Post by Malcolm Harpe » Wed, 01 Dec 1999 04:00:00


I didn't see the show, but I've always thought deja news was OK.  Much
better than the other sites that purport to be portals to the newsgroups.
It's nice to know that there's an archive I can go to and search.  There's
lots of other ways of trolling ngs for current info.  A friend of mine with
a persistent connection (DSL) has a program that accepts search criteria.
He sets it up to look for posts that he might be interested in before he
goes to bed and all night long it searches newsgroup after newsgroup trying
to match his search criteria.  Scary in a way.

--
Malcolm


> What they suggested, and they did not prove this to my satisfaction,
> was that Deja.com was actively marketing the information they
> gathered.  I will bet the truth is there are people who are using
> Deja.com as a resource and gleaning through an individuals post and
> then selling this information to others.  You are absolutely right
> that they seemed unaware that newsgroup use is public and you put
> yourself on the public record when you participate in a newsgroup.
> --
> Gary Woodruff

> "That'll be the day" -   John Wayne in The Searchers



> > One other thing I noticed. They acted like Usenet newsgroups were
> > supposed to be private. Have people forgotten what an open forum of
> > discussion is all about? They seemed to make it sound like deja.com
> was
> > collecting info from newsgroups. What they were doing was searching
> > archived articles.

 
 
 

Discussion of last night's 20/20 program

Post by Scot » Wed, 01 Dec 1999 04:00:00



says...
Quote:> I agree with  you Ric* (2) - (4).  I think you're wrong on (1).
> Cookies can be used somewhat to track you from site to site.  Not the
> cookies that the main site places on your puter, but the cookies that the
> ad banners place.

That's one thing I feel they didn't stress enough in the story. That it
was the ad banners that they were talking about. THey could have simply
said you can avoid their tracking you by not clicking on them.
 
 
 

Discussion of last night's 20/20 program

Post by Kevin Davi » Wed, 01 Dec 1999 04:00:00


On Tue, 30 Nov 1999 02:56:35 -0500, "Malcolm Harper"


>I agree with  you Ric* (2) - (4).  I think you're wrong on (1).
>Cookies can be used somewhat to track you from site to site.  Not the
>cookies that the main site places on your puter, but the cookies that the
>ad banners place.

>You go to site 123.com and view a page.  The page has banner at the top
>that requests an image from sleazyadcompany.com.  The image request
>includes the URL for the page you're viewing.  sleazyadcompany.com gives
>you a cookie that includes an ID number.  They save that ID number along
>with the page address you were viewing at 123.com.  You go to 456.com.  Hey
>look they've also got a banner that contains an image request from
>sleazyadcompany.com.  sleazyadcompany.com reads their cookie, gets the ID
>number and saves the info that you've been to both 123.com and 456.com.

Unless I understand this incorrectly, I think this is wrong.  The only
way one is SUPPOSED to be able to read or place a cookie is that the
person has to currently be on the domain that placed the cookie and it
can only be read from that domain.  This would make your scenario,
above, impossible.  An "image request" as far as I know does not allow
one to read or place a cookie from a different domain, it is simply
pulling in an image from another location, which can be done.
Remove zzz from my email address:

~~~Golf Tip:  Don't pick up a lost ball until it stops rolling~~~o


Home Page - http://www.veryComputer.com/
Standard Disclaimer    (Win95 Tips, sound bites, and more!)