View Full Version : Cookies Are Not Spyware
Jason Dunn
11-07-2004, 07:00 AM
I've had two emails in the past week from Pocket PC Thoughts asking why we're distributing "spyware" onto their computers. We're not - it's that simple. What people are seeing is over-protective anti-spyware software treating normal cookies like spyware.<!><br /><br />In this case, Avenue A (one of the third-party advertisers that serves up banners when we don't have our own paying ad) is doing nothing more than dropping a cookie on your machine. The cookie is like every other advertising cookie from DoubleClick and other large advertising agencies: it tracks what ads you've seen so it doesn't show you the same ad more than "X" times.<br /><br />It's grossly irresponsible for these anti-spyware companies to treat cookies like spyware. <b>REAL</b> spyware is malicious, machine-hijacking junk that throw pop-ups on your computer, resets your start page, and all sorts of other ugly tricks. A cookie is a text file that has some non-personal information what banner ads have shown on certain sites. That's it.<br /><br />Go ahead and open the cookie on your computer and you'll see it's harmless. Cookies are not spyware, no matter how hard these anti-spyware companies try to make them out to be. You have to realize that these guys are trying to sell their software too, and if they start blocking cookies as well, they give the perception that they're "protecting" you even more often. They have an agenda too - think about it. ;-)<br /><br />It's also worth noting how many cookies are used - I deleted all my cookies yesterday, and in only 24 hours of Web browsing I have more than 50 on my computer. It's the way the Web works, but it's not spyware.
Jonathan1
11-07-2004, 08:14 AM
Umm Jason. I hate to tell you this but there are components of ad/spyware that do use cookies. It’s just like any tech. It can be used for good or evil. Personally I would rather have a piece of software be over protective then under. The thing is the user on the other end should be smart enough to look at the cookie in question and make the determination that this isn't spyware or a component of spyware or at the very least the software should stress that this MAY be a component of spyware. At any rate I think it’s stupid that people are coming at you with this accusation. Anyone with half a brain should realize that this is a legit site. If you guys tried doing the adware thing PPCT would be a memory overnight. I don’t think anyone would accept a site that gets its cash flow to keep the site up through adware distribution. Esp from a site that consists of geeks. I would say we are more sensitive to ad/spyware then most others. ;)
Jason Dunn
11-07-2004, 08:25 AM
Umm Jason. I hate to tell you this but there are components of ad/spyware that do use cookies. It’s just like any tech. It can be used for good or evil.
While I appreciate your support in stating that Pocket PC Thoughts wouldn't distribute spyware, I don't really agree with your opinion of cookies. I've never seen or heard of an instance where a simple text file could do anything that real spyware can do. Cookies can only do one thing, and that one thing isn't malicious or even capable of generating income for the distributor of the cookie, which is certainly a defining characteristic of spyware. The attitude of "cookies are evil spyware" is what I'm trying to dispel, but you seem to think otherwise. If you have some proof, I'd love to see it!
jeffmd
11-07-2004, 08:38 AM
in a secure non buggy browser, cookies are restricted so that a certain web site can only look at the cookies it creates. Now then, MANY complex banner sites like double click heavily use cookies to a) keep track of what banners you have seen so far, and b) what doubeclick affiliated site you have been visiting (it wont know what sites who dont sign up to doubleclick you are viewing) for statistics. Many ad sites use cookies as an easy form of anonymouse statistic gathering.
There is simply no way these sites can view your other cookies. Cookies are a well accepted and very usefull practice that has been around since shortly after GUI web browsers.
You can allways disable cookies if you are really scared, but the majority of saved password and board setting features require their use. Infact most board systems require cookies if you wish to simply stay logged in while browsing the boards.
Thankfully I havnt come accross any of these crappy anti viruse programs.
GroovBird
11-07-2004, 08:42 AM
Umm Jason. I hate to tell you this but there are components of ad/spyware that do use cookies. It’s just like any tech. It can be used for good or evil.
While I appreciate your support in stating that Pocket PC Thoughts wouldn't distribute spyware, I don't really agree with your opinion of cookies. I've never seen or heard of an instance where a simple text file could do anything that real spyware can do. Cookies can only do one thing, and that one thing isn't malicious or even capable of generating income for the distributor of the cookie, which is certainly a defining characteristic of spyware. The attitude of "cookies are evil spyware" is what I'm trying to dispel, but you seem to think otherwise. If you have some proof, I'd love to see it!
The original meaning of the term spyware is software that is secretly installed on your computer along with some "freeware" that silently monitors your surfing habbits and reports it to some advertizing company to further enhance their effectiveness in targetting the right demography for certain products.
Then that software became more intrusive and took over people's computers. Start pages, search pages, pop ups and so on starting annoying people. Still they used the term spyware for that kind of software.
But cookies can and are used to track people's habbits. And when that information about where YOU surf is collected, merged, and available for inspection without your consent then that's an invasion of your privacy. Hence cookies can be used as "spyware".
Whether tracking what ads you've already seen to avoid annoying you is a "service" or "spyware" is another discussion altogether. I think it's applaudable that an advertizing company tries to reduce the nuisance factor of ads by removing redundant ads.
But the question here is can and are cookies used as "spyware" as in "invading your privacy". And yes, I think they are.
This is the definition I found:
A Tracking Cookie, also known as a Spyware Cookie, is any Cookie that is collectively shared among unrelated websites for the intention of tracking and sharing a user’s surfing habits. Each particular website will recognize and read the Tracking Cookie while also accumulating additional information for future sites.
Tracking Cookies are mainly used to collect a user’s tendencies such as pages observed, advertisements viewed or any other behavioral activity. This valuable marketing data can then be used by the website to display highly relevant advertisements to match each particular user’s preferences.
Jason Dunn
11-07-2004, 08:50 AM
And so the privacy advocate comes out with his first post... ;-) Welcome to Pocket PC Thoughts, home of the cookie! :lol:
But cookies can and are used to track people's habits. And when that information about where YOU surf is collected, merged, and available for inspection without your consent then that's an invasion of your privacy. Hence cookies can be used as "spyware"
I'd challenge that assertion by pointing out that without knowing your identity, without aggregation of that data to form individual profiles, it's not a violation of your privacy. When I drive my car down a street and drive over one of those traffic counters, is my privacy violated because someone is counting my car to measure the flow of traffic? No, not unless it's also scanning my license plate to learn about me personally. In my opinion, non-personalized data collection is not a violation of anyone's privacy.
Privacy is certainly an issue worth protecting in this day and age, but being paranoid helps no one. I remember this issue of advertisers tracking ad views through cookies came up in the late '90s, and certain people were mad about it for, oh, 5 minutes. Then when spyware really started to come out, people realized what TRUE privacy violations were...and cookies 'aint that.
Anyway, I think I've said all I will say on the subject. People are welcome to block cookies if they wish, but please, no one email me asking why they're getting spyware warnings. ;-)
rogben
11-07-2004, 09:01 AM
Jason: Sorry, but you're simply off-base on this one. Cookies placed by third-party ad vendors are there for one central reason... to track the user's movements within a site, and between sites.
That's not a conspiracy by pro-privacy software developers (many of whom toil for free, by the way)... it's just a fact.
and that one thing isn't malicious or even capable of generating income for the distributor of the cookie
Profiling users and monetizing those profiles are what ad networks are all about.
Now, with that said... I agree that cookies aren't spyware. They're not any kind of "ware", for that matter. They are potential privacy hazards, but they have no inherent ability to hijack a machine or otherwise interfere with the normal use of the OS.
They are simply text files that uniquely identify a browser in some ad agency's database. And as such, are appropriate targets for deletion by pro-privacy applications.
We don't have to worry, the privacy policy clearly states:
Information About You
Thoughts Media may from time to time ask you to provide information about yourself to us on a voluntary basis, through surveys, polls, and as a requirement for entry into Thoughts Media contests. This information may include your name, address, telephone number, Zip Code, e-mail address, sex, age range, the types of devices you use, planned purchases, and what kinds of features you prefer in a PDA.
Thoughts Media aggregates this information to determine trends, preferences, and demographics about the handheld community in general. We will use this aggregated information to study the trends of our user community. Occasionally we may provide this aggregate data to the sponsors of Thoughts Media. Specific information such as name, email address, or other contact information will never be shared with sponsors.
that means all the info gathered is being gathered voluntarily.
jeffmd
11-07-2004, 09:09 AM
juuni, unfortunatly that defenitition is false. Cookies can not be accessed by unrealated sites. "the man" is not out to massivly collect information out of all the sites you access.
The compleat and total extent of multisite tracking, is when say, 2 unrealted web sites who have signed up to doubleclick ad services and display a doubleclick ad on their pages. When you bring up each sites respective page, the site itself does not access the doubleclick cookie, but the doubleclick ad from the doubleclick site accesses that cookie. Now the doubleclick ad using the ID number from the banner in the html code will know which site you polled for a banner from, and so it will in turn know that you visited that site, but that is all.
Its like walking into a mall and 2 of the stores has a huge poster in thier doorway from some advertiser, and theres a big honken video camera ontop of the poster. The advertiser will know its you when you walk into those 2 stores, but it has no clue if you have walked into any of the other stores in the mall.
Rogben, in said database, my "unique identification" would be something like the number 9838765243. They dont know my name, sex, or if im even human.
Darius Wey
11-07-2004, 09:10 AM
Now, with that said... I agree that cookies aren't spyware. They're not any kind of "ware", for that matter. They are potential privacy hazards, but they have no inherent ability to hijack a machine or otherwise interfere with the normal use of the OS.
They are simply text files that uniquely identify a browser in some ad agency's database. And as such, are appropriate targets for deletion by pro-privacy applications.
And having said that, I think we can come to the conclusion that these cookies that are being served up from the PPCT website are only present due to the delivery of ad-banners you see on the site.
PPCT, as you would know, is a perfectly legit site and we have no intention in secretly installing spyware on your computer.
A quick trip to the Avenue A website (http://www.avenuea.com/portfolio/portfolioTestimonials.asp) and you will see that there are other legit sites out there such as MSN and Best Buy that make use of the Avenue A services.
So if people believe that PPCT is distributing spyware, I ask that you think about it a little more carefully. That would also make well-known companies like MSN and Best Buy guilty as charged.
sylvangale
11-07-2004, 11:04 AM
Cookies are good and if you have anything different to say about it, then you have to deal with these guys. :mrgreen:
http://www.grudge-match.com/Images/sposse.jpg
rhmorrison
11-07-2004, 11:50 AM
I think we need to seperate SPYWARE that only collects information through use of cookies and those that install SPY programs that watch everything, possibly change the system and send information somewhere without the users knowledge.
When an internet browser surfs to a particular web site then most users know that a cookie (or several) may be used to hold data such as being logged in or certain temporary session information. He would not know that some SPY in memory periodically sends information to a site that he visited once four weeks ago.
I have arguments with my wife over the usefulness of non-malicious SPYWARE. Take for example AMAZON. They have a database that tracks all of the purchases that YOU and EVERYONE else have made. If I buy a particular book then they automatically inform me that many people who bought this book also bought book 'xyz'. I find this to be a very useful feature. They also compile long term shopping info and there is a 'personal' page where they display items that they think I might be interested in based on my past purchases. This I find also very useful. If we expand this to 'daily life' then consider all of the tons of junk mail that you recieve every day. Most of this crap goes unopened into the garbage! This is an irritation for OCCUPANT and COSTLY for the ADVERTISER. Imagine if SPYWARE worked here as well. Then you would only get junk mail for things that you are interested in. Of course you will have to now open and read the damn things and will end up spending more money but you are only wasting your time on things that you are interested in doing so (kind of like the POTM)!
With the advent of Hypersonic sound (http://www.prisonplanet.com/audios_the_next_big_thing.html) and invention of Woody Norris (http://www.woodynorris.com/interview.htm) there are a large number of potential applications (http://www.prisonplanet.com/audios_the_next_big_thing.html) that could also be onsidered an invasion to your privacy. Personally I am waiting for the television headphones that don't require headphones that Woody said should be in WalMart this summer (would also be useful as a PC speaker for work) but the applications where they are already in use is mainly for advertising. Location specific advertising, they are calling it an aurial laser (http://www.forbes.com/global/2003/0915/108_print.html) (although AESER would probably be more appropriate).
In any case, as someone has already mentioned almost any kind of technology can be used for GOOD (http://www.prisonplanet.com/audios_the_next_big_thing.html) or EVIL (http://www.thewe.cc/contents/more/archive2004/august/sound_as_weapon.html) (if used by police to decapacitate criminals without permanant injury is also GOOD, if used in WAR to KILL - NOT). Hypersonic sound has many, many, GOOD applications and some that can be EVIL. I think that true SPYWARE (i.e. just COOKIES and/or a database maintained by companies such as AMAZON) can be a force for GOOD. When the same mechansim is used by nefarious individuals (or companies) then it becomes the ROOT of all EVIL.
:soapbox:
gorkon280
11-07-2004, 01:07 PM
While I agree, cookies are not the root of all evil, they DO report information back to double click and the like on what doubleclick affiliated sites are reported back to doubleclick. Saying they do that anonymously is not true either. PPCT has logins as do many other sites that run ads. That means THERE'S a cookie thats written to your machine so that you don't have to relogin on every visit. That cookie has your login id. While most people don't use their real name for there login, some do. Most people cannot be tracked back to the real name via login cookies. Some people don't even want information that is anonymous collected about where they go on the web. In any case, it would be wrong to say that cookies are nto spyware of sorts. It IS reporting information back to the advertiser, but it's usuallly anonymous info.
farnold
11-07-2004, 01:45 PM
Isn't this as much a discussion about changing values in the internet as anything else? Two years ago nobody thought about the dark side of the net and everyone was happy... now the 1st topic everywhere is security and all of a sudden people don't just think what the can do on the net, but also worry what the net does to them... and gee, they don't like being tracked and examined w/o ever given permission.
Jason, if you respect my privacy I would ask you to not install coockies on my PC. I would be very surprised if you see that any different.
Mike Temporale
11-07-2004, 02:02 PM
Jason, if you respect my privacy I would ask you to not install coockies on my PC. I would be very surprised if you see that any different.
:lol:
If you don't like cookies, then turn them off in your browser. Don't ask Jason to stop using cookies on his site. If he does that, you can kiss this forum goodbye. Cookies are used to keep you logged into a site, and to keep items in your shopping cart when you buy online, amoung other things. Cookies are not bad.
Places like double click may use cross site cookies, but they aren't ready your thoughts media cookie that stores your login.
Once again, cookies are not bad, if you like, turn them off in your browser, and report back and let us know how you like surfing after that. :wink:
gregmills
11-07-2004, 02:49 PM
For my part, I don't like the third party cookies. Whoever the advertiser is they are probably not bound by Thoughts Media's privacy policy. I'm not usually a paranoid type but I don't really want any agency out there databasing my surfing habits.
If you could drop those ads that would be great but I understand that for non-subscribers such as myself the site is ad supported. Still I would rather see your in-house ads in heavier rotation that know that some ad company out there is tracking my moves.
So that's my vote ;)
OSUKid7
11-07-2004, 03:19 PM
If you don't like cookies, then turn them off in your browser. Don't ask Jason to stop using cookies on his site. If he does that, you can kiss this forum goodbye. Cookies are used to keep you logged into a site, and to keep items in your shopping cart when you buy online, amoung other things. Cookies are not bad.
Places like double click may use cross site cookies, but they aren't ready your thoughts media cookie that stores your login.
Once again, cookies are not bad, if you like, turn them off in your browser, and report back and let us know how you like surfing after that. :wink:Exactly! I don't see the big problem. Yes, there could be privacy issues with certain cookies, but if you dislike them that much, just block the cookie from those sites. It's not that hard. :|
surur
11-07-2004, 03:55 PM
Of course the main concern are third party cookies, not pocketpcthough's own cookies which keep you logged into forums. The issue is that these cookies are used over many sites, some of which might not have such savoury privacy policies.
If any of these sites require your postcode (zip code) and share this with the advertising agency, now they have a real-world address and a real person to tag on to the surfing pattern and list of websites you visit.
If people think this is impossible, remember the story 4 years ago when Doubleclick merged with a junk mail and credit aggregation company called Abacus Direct/ Abacus Alliance. (http://www.forbes.com/1999/11/24/mu4.html)
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2000/05/04/ED85035.DTL
The single example of public resistance occurred last month when the New York advertising and catalogue data company DoubleClick Inc., which has archived profiles of the mail-order buying behaviour of more than 88 million U.S. households and has placed cookies on an even larger number of personal computers to track online buying patterns, was forced to suspend its plan to link data from the online and offline worlds. By linking those two sets of data, the Internet's largest advertising company would have been able to identify consumers as they moved around the Web by their name, address and telephone number, rather than by an anonymous serial number.
This temporary victory for privacy is overshadowed by two awful facts:
Despite DoubleClick's retreat, some of its competitors are pressing on with practises that are arguably even worse, and the law offers consumers little protection from any of these practises.
These people know where you live, they know how much you earn, and now they know you visit pocketpc websites (example only). Their websites and databases have been hacked in the past. They are subject to the very unsafe terrorism laws in America, which basically means they can request any type of information just on suspicion.
Also, due to the size of the databases, there is the very real potential for confusion, with some-one else's data being mistaken for yours, because you share the same surname for example.
Suppose you visit a Amazon, and click on link taking you to a book on making a bomb and survivalist strategies. Maybe you found the title interesting. You dont even have to buy it. Some-one else buys a pile of fertiliser of another website, and has been mistaken for you. Doubleclick as a good patriot has been asked to monitor occurrences like this, and before you know it the ATF is at your door, killing your wife, children and dog like Randy Weaver (http://www.lewrockwell.com/orig3/conger3.html), while you are completely innocent.
Now this all may sound very far fetched, but my understanding of the current climate in the world and especially the US, is that you can be disappeared and detained without trial, and not even be told what the charges are, making it impossible to defend yourself.
If your behaviour is monitored closely, you will never know when you are innocently creating a similar pattern to a dangerous person (because in a large population with a small number of real positives, false positives are invariably very common) which might result in unsavoury consequences.
So, in short, if you are the kind of person who is concerned about these thinks, one would know that even simple text third party cookies can invade one's privacy.
Surur
PS: I'm not really a raving tin-foil headed conspiracy nut, but I can understand where they are coming from. Im generally an optimist, and am sure they will come for my neighbour, not for me :)
GoldKey
11-07-2004, 04:10 PM
Two years ago nobody thought about the dark side of the net and everyone was happy... now the 1st topic everywhere is security and all of a sudden people don't just think what the can do on the net, but also worry what the net does to them... and gee, they don't like being tracked and examined w/o ever given permission.
Jason, if you respect my privacy I would ask you to not install coockies on my PC. I would be very surprised if you see that any different.
Your statement has part of the heart of the problem on cookies. You say install. You install programs. Cookies are not programs, they can't do anything on their own. Cookies are potential spyware, but spyware of the weakest type. Most of cookies are harmless and to most are actually helpful. Making a blanket statement asking them not to be used is not fair, especially when you can easily set your browser to not accept cookies at all or just to prompt you and let you make the decision. So despite your statement above, by not turning cookies off, you have given permission. Why punish those who do understand the usefulness of them and realize there is little risk. Next thing you will be asking that Jason not use any graphics on his pages because of the potential to get embedded spyware downloaded through a flaw there http://www.eweek.com/article2/0%2C1759%2C1617045%2C00.asp .
As for your statement that two years ago no one thought about the dark side of the internet, I had to laugh. Plenty of people were thought about it, unfortunately, Joe user wasn't listening and for the most part still isn't. The number of computers that don't have an up-to-date firewall and antivirus package is pitful. Those are the big issues.
Rob Borek
11-07-2004, 05:44 PM
While I agree, cookies are not the root of all evil, they DO report information back to double click and the like on what doubleclick affiliated sites are reported back to doubleclick. Saying they do that anonymously is not true either. PPCT has logins as do many other sites that run ads. That means THERE'S a cookie thats written to your machine so that you don't have to relogin on every visit. That cookie has your login id. While most people don't use their real name for there login, some do. Most people cannot be tracked back to the real name via login cookies. Some people don't even want information that is anonymous collected about where they go on the web. In any case, it would be wrong to say that cookies are nto spyware of sorts. It IS reporting information back to the advertiser, but it's usuallly anonymous info.
The cookie is put there by DoubleClick - and only DoubleClick can see the cookie. All the info sent to DoubleClick is in the URL - so it can tell the site, and even what page(s) (if a separate identifier is set for each page), but not the login ID (unless it was placed there by the site itself - and I'm not sure DoubleClick even allows that). The info is only available via DoubleClick, on the terms they specify - it is not automatically available to the sites you visit. You would have to take a look at DoubleClick's privacy policy, which is available at http://www.doubleclick.com/us/about_doubleclick/privacy/doubleclick-sites.asp.
Also note: since Jason is resident in Canada, PIPEDA (Personal Information Protection and Electronic Documents Act) takes precedence for PPCThoughts - there are clear rules on what must be done to conform to the act (such as a privacy notice on what is collected and for what purpose), and there are civil and criminal penalties for violations of the act. This is much more stringent than anything the US has, and is similar to privacy laws in Europe.
Jason Dunn
11-07-2004, 06:02 PM
I can't believe how ridiculous this thread has become. 8O Since logic and facts won't dissuade some of you, here's how to simply block the cookies and end this discussion:
1) In Internet Explorer, click TOOLS then INTERNET OPTIONS then PRIVACY then the ADVANCED button
2) Click the box for OVERRIDE AUTOMATIC COOKIE HANDLING
3) If you want to block ALL cookies, including the one that logs you into this forum, set both to BLOCK. Be aware that this will likely force you to log in every single time you try and post a new message. A more reasonable level of blocking is to set FIRST-PARTY COOKIES to ACCEPT and THIRD-PARTY COOKIES to BLOCK. That means that if you're on pocketpcthoughts.com and we give you a login cookie, you'll accept it, but if an advertiser gives you a cookie from another domain, it won't be accepted.
And that's it! I'd rather not have to lock this thread, but I can see how it's becoming more political than logical, so let's dial back the rhetoric. Thanks!
cribbagewiz
11-07-2004, 07:42 PM
I think the solution is just to amend the user agreement to include that the user MUST accept the fact that the site requires the use of cookies and leave it at that. The cookie-conscious will go away or learn how to deal with them properly.
I have visited sites that not only require you to agree to the usage of cookies, but use a tool that monitors whether you have pop-up blockers enabled and refuses to show content until the pop-up is allowed to stay.
In the modern "free content" business paradigm, there are simply some things you will encounter. It is up to the user, not the site, to decide how they want to handle what they encounter and whether they can live with it. Let's not forget that not so very long ago, the best sources of content were only available for a fee.
P.S. Locking a thread that has become political? Not too user-friendly, IMHO.
jeffmd
11-07-2004, 07:50 PM
With illiterate people like gorkon, and contridictory people like surer, who needs scare tactics. ^^
Gorkon, doubleclick is not allowed to see your cookies, your logon id, nothing. And as mentioned in this thread just after, no they dont even see the URL of the page. Doubleclick is summoned to your web browser via image link that links to an ID number (the vendor ID of the site you are on) so doubleclick can send an image. It checks for its own cookie file for information I have allready described.
These people know where you live, they know how much you earn, and now they know you visit pocketpc websites (example only). Their websites and databases have been hacked in the past. They are subject to the very unsafe terrorism laws in America, which basically means they can request any type of information just on suspicion.
No.. they dont. If you actuall bothered to read what you quoted,
By linking those two sets of data, the Internet's largest advertising company would have been able to identify consumers as they moved around the Web by their name, address and telephone number, rather than by an anonymous serial number.
So at the moment, your just an anonymous serial number. I do wonder how they expect to link named to their data in the first place. Maybe they would buddy buddy with a vendor's customer info page (when ordering stuff) and get your info that way, simply polling your doubleclick cookie then? Ok.. now im scaring my self. Its a good thing Doubleclick was denied that. ^^ On the other hand if you habitualy clean your cookies, double click wont beable to keep much of a record for you anyhow.
gregmills
11-07-2004, 08:21 PM
I can't believe how ridiculous this thread has become.
Wow, I can't believe you can't acknowledge there is some legitimacy to people's concerns expressed here. People would rather not have tracking cookies placed by your third party advertisers. What is so ridiculous about that? It's not going to stop me from reading the site. YOU brought up the subject and people are just simply responding with thier thoughts on it. There's no need to belittle your own readership.
GoldKey
11-07-2004, 09:16 PM
I can't believe how ridiculous this thread has become.
Wow, I can't believe you can't acknowledge there is some legitimacy to people's concerns expressed here. People would rather not have tracking cookies placed by your third party advertisers. What is so ridiculous about that? It's not going to stop me from reading the site. YOU brought up the subject and people are just simply responding with thier thoughts on it. There's no need to belittle your own readership.
Jason gave you the solution to stop exactly what you are requesting. Since you are so concerned about this issue, that solution should be ideal as it will be effective for every site you visit, not just Jasons.
dunos
11-07-2004, 10:56 PM
As a web developer I love cookies. I can't get enough of them. While it is possible to write interactive websites that do not use cookies it is much easier, and safer, to use cookies for session management.
Cookies themselves can never be called spyware. They are not software themselves, only text files that hold data that can be used by software.
Banner adverts that come from external websites can place cookies on your system, however most modern browsers will block cookies that come from third party websites. It is also possible to configure most browsers to delete all cookies after you have finished your browsing session.
When people ask me if cookies are good or bad I usually end up pointing them at http://www.aboutcookies.org/ which should answer most peoples questions. It also has handy information on how to configure your web browser to block cookies. The laws mentioned on the site are UK centric. The UK has one of the most comprehensive personal data privacy laws in the world. We even have an appointed person to look after personal data:
http://www.informationcommissioner.gov.uk/
A world without cookies? I guess it might make me loose some weight ;)
Dan.
surur
11-07-2004, 11:04 PM
So at the moment, your just an anonymous serial number. I do wonder how they expect to link named to their data in the first place. Maybe they would buddy buddy with a vendor's customer info page (when ordering stuff) and get your info that way, simply polling your doubleclick cookie then? Ok.. now im scaring my self. Its a good thing Doubleclick was denied that. ^^ On the other hand if you habitualy clean your cookies, double click wont beable to keep much of a record for you anyhow.
Sorry to be contradictory, but as you said yourself, it is far from impossible to connect that one anonymous number to realworld details.
Doubleclick did not pay 1.7 billion dollars for that company just because they wanted a catalogue company. It was to try and get synergy, and increase the value of both sets of data. There is no reason to think that, having been stopped on this occasion, they (or another company) would not try again on another occasion.
If fact Jeff, you should concern yourself more about exposing private data on the internet. If you can connect enough tit-bits from the various web sites we frequent, you can get all kinds of information. Such as that you are a student and work at Kings Plaza in New York, that you used a Nokia 3650 with T-mobile, that you are interested very much in Divx, have 140GB hard drive space at home, and that you traded Anime from your personal machine in the past....
Privacy is very important.
Surur
Jason Dunn
11-07-2004, 11:17 PM
P.S. Locking a thread that has become political? Not too user-friendly, IMHO.
I only meant if people continued to discuss the FBI, the Patriot Act and other things that would turn this thread into an ugly mess. Discussing cookies is fine, but we try very hard to keep political and religious discussions out of the forums.
Jason Dunn
11-07-2004, 11:23 PM
Wow, I can't believe you can't acknowledge there is some legitimacy to people's concerns expressed here.
When the conversation turned from an Avenue A banner cookie to cookies causing the ATF to break into an innocent man's house and kill his family, this discussion took a sharp turn into crazyville. 8O
surur
11-07-2004, 11:33 PM
When the conversation turned from an Avenue A banner cookie to cookies causing the ATF to break into an innocent man's house and kill his family, this discussion took a sharp turn into crazyville. 8O
I just love making conversation turn into crazyville :devilboy: It makes for more interesting conversations.
The fact is though that we base our concerns on the worse case scenario. If bad things never happened to people, we would all be living in glass houses. But bad things do happen, and because there are plenty of people around with dubious ethics, one should always be careful about exposing oneself to exploitation.
Surur
surur
11-07-2004, 11:41 PM
Ive just discovered that Avenue A owns Claria AKA Gator! One of the most prolific Spyware apps using the stricter definition.
Also Avenue A has made it their mission to connect online adds with off-line sales, to show the value of their advertising.
I can see why anti-spyware programs would see and Avenue A cookie as being very suggestive of spyware. Its amazing how frequently these companies change their names. After 2 or three turns they even sound respectable.
Surur
This is a very interesting thread to read. While, according to Jason, some have pushed the envelope on this discussion, but it is good insight to perception issues and how well (or poorly) the information age and its vehicles, internet being one of them, is dealing with this.
Please consider these items:
1. Was I was a young lad I really enjoyed reading books. I could not get enough and was visiting the public library in our community atleast once a week. The libarian took notice of this and soon started recommending books for me. I loved her suggestions and found myself exposed to even more great reading.
2. My business requires me to travel quite a bit. Because of this the airlines that I use have learned my preferences and do make every effort to place me in my desired seating types
3. I remember one year I was involved in a project that required me to make a large number of trips to the USA over a four month period of time. Because of flight routes I always seemed to have a 3 hour layover in Portland Orgean. I found a great little airport bar that served a fantastic locally brewed beer. The bartender would always remember me and was ready with my drink along with a pleasent conversation about my travels in Asia whenever she would see me (and of course was given a nice tip).
These are all examples of people gathering my personal information and using it to improve the services that they gave to me. Does anyone see anything wrong with that? I doubt it.
This is the problem with perceptions of privacy in the information age. I know that Amazon provides service to millions of people, but I do expect that when they provide service to me it is somewhat personnalize. At that volume of business I can understand way it is necessary to use a database to provide that.
Not trying to state what is right or what is wrong, only bringing my thoughts to this discussion.
Finial thought, if you do not what some one to have any personal information about you, simply do not give it to them.
surur
11-07-2004, 11:54 PM
Finial thought, if you do not what some one to have any personal information about you, simply do not give it to them.
This is in fact the key issue. The issue is aggregation of the little titbit's of information we hand out in various places, all being brought together to make an accurate profile on us with organisations we dont already have a relationship with.
We might be comfortable giving the city we live in to one place, our email address in another, and our interests somewhere else. Suddenly due to the wonders of databases and computers, some-one can connect all the dots and know where we live and who we work for.
Aggregation is the real issue, and profiling the holy grail of all these adware companies.
What people really worry about is being known TOO WELL, including all their foibles and weaknesses, especially by people who's only intention is take make money of us. They may find out your favourite drink, and offer it to you on every occasion, tempting you to drink too much. Its a bad example, but thats what privacy means: keeping your personal information for yourself and people you care about and who cares for you, who are not likely to take advantage of you.
That will never be a company with shareholders, who by law must care only about themselves.
Surur
Constant Caffeine
11-08-2004, 02:46 AM
"the man" is not out to massivly collect information out of all the sites you access.
I wonder how many bytes of data Microsoft has collected over the years. This one “man” who I’m sure has a lot of zettabytes or yottabytes of data about us.
Jason Dunn
11-08-2004, 05:49 AM
The fact is though that we base our concerns on the worse case scenario.
If that's the way you live your life, I have pity for you.
Why get out of bed in the morning? You'll just trip and break your neck.
Why get in a car to drive anywhere? You'll just get into an accident.
Why eat anything? You'll just choke and die.
Why sit down in front of your computer? You'll just get electrocuted.
Worst-case scenario living is the kind of thing they treat with medication. :wink:
surur
11-08-2004, 08:37 AM
The fact is though that we base our concerns on the worse case scenario.
If that's the way you live your life, I have pity for you.
Why get out of bed in the morning? You'll just trip and break your neck.
Why get in a car to drive anywhere? You'll just get into an accident.
Why eat anything? You'll just choke and die.
Why sit down in front of your computer? You'll just get electrocuted.
Worst-case scenario living is the kind of thing they treat with medication. :wink:
I said concerns, not life. Im sure you, like me, have life insurance, car insurance, back-ups and surge protectors. Im not sure about the computer thing :), but every one of those other things you listed Im sure did happen to some-one. It should not dictate your life, but these things are not ignored by normal people, which is why we take some precautions e.g yearly car road safety tests and car insurance, and the AA etc.
Of course we could live our life in blind optimisms, and say it will never happen to us, and for many years you would be right. But as the songs says, In every life some rain must fall. Bit back on topic, computers and the internet are still quite new to the general population, so we are not very good at risk assessment yet. However note that we have actually become more careful in time e.g. regarding viruses, firewalls, spam, and have to be aware of phishing attacks and spyware.
Thats just life.
Surur
jeffmd
11-08-2004, 08:44 AM
surer, I do hope that was just an example list. Cause atm I kinda wish I had a job while attending school. ^^
while double click could buddy buddy with an online store, theres still some hurdles. first, as originaly quoted, they were denied the ability to combine their information, second, you would need to actually shop at said online store. The 2nd one might be a biggy, since I can see alot of negative feedback were a store to encorperate linking your data with anonymous agrigated data. and 3rd of course, is double click will still only know what double click sites you have visited. So it wont know if youve gone to any non double click sites.
so at the moment, double click does not have a way to link thier anonymous data with personal info, and I can't really see them doing so. ATM public feedback on them is pretty quiet simply because all they do is collect anonymous data. Where they to start collecting private data (data linked to actual people) then we would prolly see things like browser plugins to downright block double click ads, and sites like pocket pc thoughts refusing to carry double click ads, at which point double click will lose the user base it counts so much on.
Jason Dunn
11-08-2004, 04:30 PM
Can I remind people that we're not even talking about DoubleClick here? The company in question was Avenue A, which does drop a cookie, but as far as I know has no relation to DoubleClick. So all of this stuff about DoubleClick and spam is FUD that doesn't factor in to this discussion.
Here's something that might be useful to some of you: it's a page that allows you to opt out of the cookies that DoubleClick, Avenue A, and several other companies drop:
http://www.networkadvertising.org/optout_nonppii.asp
Be warned: I think it's a cookie that protects you in this case. Oh the irony! :roll: :lol:
PPCRules
11-09-2004, 12:20 AM
... if you like, turn them [cookies] off in your browser, and report back and let us know how you like surfing after that. :wink:
The tone I sense here is that people would see encounter some intolerable problem when they do this. I like surfing quite well that way.
What I usually do on each computer I use is set third party blocked (of course) and originating site to "prompt". Then as each new site comes up, I block or allow (mostly block) and select "apply to all". It doesn't take long to cover the sites I frequent most often. Most sites are blocked; on this particular computer, I have only 2 "always allows" sites versus about 200 "always block". If something doesn't work on a web site, I remove the "always block", individually accept cookies until I'm done ordering or posting (whatever didn't work) then reapply "always block" when the next prompt comes up. It's not all that hard, and it gives you a real good feeling. Highly recommended.
As for stats, when I had an more flexible cookie blocking tool with older IE versions, I enabled all cookies I needed for what I regularly did (so everything "worked"), and the ratio of blocked to accepted cookies was regularly 400:1. Clearly, most cookies are not relevant to the user experience, so you gotta wonder that someone is up to. (Like 3 to 10! originating site cookies per every page (not just forum authentication) at this site.) Actually, I realize most cookies are not utilized at all.
This discussion does confirm that there is a lot of misinformation and misunderstanding about cookies. I am encouraged that several people posting understand things correctly, although others are not swayed by reality. As Jason kinda said, people believe what they want to believe. Bottom line, it's not technically spyWARE, but it is spying. The damage that that spying does is what's up for discussion.
I suspect some people's comments on this site having spyware might not be referring to cookies at all, but to those goofy, annoying green underlines that pop up, for the most part, totally out-of-context commerial messages if the cursor even gets close to them. A big distraction, but I have become pretty good at avoiding them.
BTW, I also disable 'Flash', another of Jason's favorites. Feels good. Highly recommended.
vBulletin® v3.8.9, Copyright ©2000-2019, vBulletin Solutions, Inc.