I've had two emails in the past week from Pocket PC Thoughts asking why we're distributing "spyware" onto their computers. We're not - it's that simple. What people are seeing is over-protective anti-spyware software treating normal cookies like spyware. Since this topic is bound to come up at Smartphone Thoughts, I figured I'd cover my bases here too. ;-)<!>

In this case, Avenue A (one of the third-party advertisers that serves up banners when we don't have our own paying ad) is doing nothing more than dropping a cookie on your machine. The cookie is like every other advertising cookie from DoubleClick and other large advertising agencies: it tracks what ads you've seen so it doesn't show you the same ad more than "X" times.

It's grossly irresponsible for these anti-spyware companies to treat cookies like spyware. REAL spyware is malicious, machine-hijacking junk that throw pop-ups on your computer, resets your start page, and all sorts of other ugly tricks. A cookie is a text file that has some non-personal information what banner ads have shown on certain sites. That's it.

Go ahead and open the cookie on your computer and you'll see it's harmless. Cookies are not spyware, no matter how hard these anti-spyware companies try to make them out to be. You have to realize that these guys are trying to sell their software too, and if they start blocking cookies as well, they give the perception that they're "protecting" you even more often. They have an agenda too - think about it. ;-)

It's also worth noting how many cookies are used - I deleted all my cookies yesterday, and in only 24 hours of Web browsing I have more than 50 on my computer. It's the way the Web works, but it's not spyware.

I was a little shocked the first time I ran one of those spyware removal tools and I noticed that it tossed all my cookies into the spyware category.

It's also important to note, that many online retailers use cookies to store items you have added to your shopping cart. As well, most forum software will use cookies for features like "Automatically Log Me In".

Cookies have always got a bad rep with the media and those companies that like to spread FUD. However, there is nothing to fear. Jason is right, they are totally harmless.

I was a little shocked the first time I ran one of those spyware removal tools and I noticed that it tossed all my cookies into the spyware category.

Tossing ones cookies is never a good thing :drinking:

Sorry couldnt resist 8) but seriously, another category of software that is getting a bit over zealous is the firewall. I finally had to turn off the one I was using because I couldn't download anything, half the web sites I went to would not display images, and yes after messing with the 5 different cookie settings I got tired and switched back to the MS firewall.

I think this can be taken a bit too far. One shouldn't be on the internet if one is TOO paranoid. :worried:

another category of software that is getting a bit over zealous is the firewall. I finally had to turn off the one I was using because I couldn't download anything, half the web sites I went to would not display images, and yes after messing with the 5 different cookie settings I got tired and switched back to the MS firewall.


Let me guess, Norton Internet Security?

Let me guess, Norton Internet Security?

No, I have tried Norton, it was so horrible it was off the machine in about 10 minutes. This time its ZoneAlarm Pro. With each update it has gotten so bloated and full of "features" that it has become more trouble than its worth. I got to the point where I figured I'm behind a router and between Norton AV and the MS firewall I'm protected enough.

On a side note, if you havent already check out Gibson Research (http://www.grc.com/default.htm). They have a great test there (Shields up) for checking you PC's security.

Ah.. good to know. I won't be letting my clients upgrade their Zone Alram then. :)

I have had numerous calls for help in the last couple weeks, and they all turn out to be Norton Internet Security's fault.

Anyhow, sounds like your nicely protected. I'm running a similiar setup, and I don't have any problems. At least not yet. Of course, you have to remember to update the firmware on the router occasionaly, but otherwise, it's a nice solid setup. 8)

oh, and Gibson research; ya, I've used that many a times. I wonder if it could scan my phone?? I might try this later tonight. See what it returns. 8)

Ah.. good to know. I won't be letting my clients upgrade their Zone Alram then.

I started getting calls after the last couple ZA updates. I guess they crossed over the Good to Paranoid firewall barrier.


oh, and Gibson research; ya, I've used that many a times. I wonder if it could scan my phone?? I might try this later tonight. See what it returns.

Now there's an idea. :idea:

I agree about the cookies. People is going overboard about this. How many times I get e-mails "I can't login to your site", and by just allowing cookies htye're in.

The firewall stuff is strange. I don't currently use a software firewall. First I have a router that is state based - it blocks any incoming connections unless it's a reply from a machine I've contacted. Second, for some incoming ports I have it defined to send it to a non-existent IP on my network. Sort of sending to /dev/nul. I use this for 21, 80, 110. If this is the case then you should really have to worry about outgoing connections from unauthorised programs - but in this case how they did get ther in first place?

So, instead of worrying about the disease (and use a medicine like the software firewall), users should worry about not getting sick (and use safe computing practice, not installing unsigned things or of dubious origin, and run an antivirus and spyware removal tool. But that's asking too much...

So, instead of worrying about the disease (and use a medicine like the software firewall), users should worry about not getting sick (and use safe computing practice, not installing unsigned things or of dubious origin, and run an antivirus and spyware removal tool. But that's asking too much...

Well said, Mauricio. 8) If only more people played safe... :?

oh, and Gibson research; ya, I've used that many a times. I wonder if it could scan my phone?? I might try this later tonight. See what it returns.

Now there's an idea. :idea:

Well, I tried using Opera and PIE, neither one would load the page that actually runs the tests. I'm not sure why. I would click the link, and it just sits there trying to load, but never gets anywhere. :(