Cookie Scan

  • Thread starter Thread starter Russ Pyne
  • Start date Start date
R

Russ Pyne

I have Microsoft AntiSpyware on all my machines but I understand it does not
scan cookies.
I have now installed McAfee Enterprise 8.0i and McAfee Enterprise
Antispyware add on. I was shocked to find it found and deleted 99 cookies on
just one machine.

When will Microsoft add this scan or are these cookies not to be concerned
about.

Russ Pyne
 
I think it quite likely that Microsoft will add cookie scanning later in the
beta, but can't predict when that might happen. Cookies can be quite
carefully regulated using facilities already built-into the browse.
Microsoft antispyware can delete all of your cookies, but you might find
that rather undesirable.
 
Thanks for your reply Bill.

Russ Pyne

Bill Sanderson said:
I think it quite likely that Microsoft will add cookie scanning later in
the beta, but can't predict when that might happen. Cookies can be quite
carefully regulated using facilities already built-into the browse.
Microsoft antispyware can delete all of your cookies, but you might find
that rather undesirable.
Click to expand...
 
Russ Pyne said:
When will Microsoft add this scan or are these cookies not to be
concerned about.
Click to expand...

Cookies are not malware: they are just passive text files. They are left
behind by some web pages, and are checked again by the same web page the
next time you visit it. For instance, on sites where you need a userid and
password to read the site, and you ask the site to remember you and log you
in automatically in future, this is accomplished by leaving a cookie on your
PC so that you can be automatically logged in next time you visit.

Given that cookies are not active malware, it is questionable whether any
spyware-removal program should devote much effort to their removal. Some
spyware removal programs clearly do make a big fuss about how many cookies
they have found, but I do wonder whether this is done more to impress naive
users than anything else, because there are always lots of cookies on any PC
that has been browsing for a while, and these programs have to impress users
in order to gain market share.

The issue with cookies is one of privacy rather than malware: the cookie
list is rather like the IE History list: it reveals where you have been
browsing. And cookies left by advertisement graphics can track how often
you see that advert, and so on.

Cleaning cookies should be left to applications that are concerned with
privacy, not those that do spyware-removal.
 
After reading these posts, I don't feel so bad now.

After repeated anti-spyware scans, I noticed that the Beta did not remove
any cookies from my machine. Bad or good.

I would love to see cookie control in the program. I believe it would make
an additional level of protection against all the bad junk out there.

Granted, any Internet savvy user can easily be educated about bad cookies,
so, more effective tools should be provided and offered to coinside with the
education.

MSM1
 
Hi Robin,

In your statement: "Cookies are not malware: they are just passive text
files", a few questions come to mind.

I understand that "malware" is any kind of program or file that resides
onboard a system harddrive that can retrieve and transmit personably
identifiable information, download and install without user knowledge or
consent, or produce unwanted results like pop-up ad windows is considered
malware. (This description is NOT exhaustive)

Now, I use the Microsoft Anti-spyware Beta along with ZoneAlarm's
(www.zonealarm.com) firewall. I also use the TeaTimer from the Spybot Search
& Destroy in conjuntion with the firewall and the anti-spyware programs to
give me the best possible protection, and I learned that my machine was
LOADED with cookies that was constantly transmitting SOMETHING from my
computer to "phone home" servers.

After tracing these transmissions, I learned that Doubleclick.net and
Hitbox.com were just a couple of sites who was collecting data from me.

Now exactly WHAT was being extracted from my computer I don't know, but I DO
know that the ZoneAlarm went nuts with warning screens that data was being
transmitted out to port 80 and several other ports on a constant basis.

Point-in-case, I respectfully disagree with your statement. Granted, cookies
are simple data forms and do not contain executable program data, but on the
same token, they DO transmit unencrypted data that does NOT have to be sent
out without the user's knowledge the instant a user re-connects to
whereever.com.

I make an equal effort to combat third-party cookies along with viruses and
hacks.

Thanx for reading this!

MSM1, BSB/IS-UOP
 
Thanks everyone for your input. I was aware cookies are only text and of
their purpose, however it was privacy that did concern me. I trade on the
London stock market all day from my computers so you will understand my
concern. However I am pleased to report that passwords for important
accounts have been retained so it appears McAfee have done a very good job
in deleting 99 suspect cookies. It has found another 4 this morning but
major accounts are intact.

Russ Pyne
 
MSM1 said:
Hi Robin,

In your statement: "Cookies are not malware: they are just passive text
files", a few questions come to mind.

I understand that "malware" is any kind of program or file that resides
onboard a system harddrive that can retrieve and transmit personably
identifiable information, download and install without user knowledge or
consent, or produce unwanted results like pop-up ad windows is considered
malware. (This description is NOT exhaustive)

Now, I use the Microsoft Anti-spyware Beta along with ZoneAlarm's
(www.zonealarm.com) firewall. I also use the TeaTimer from the Spybot
Search
& Destroy in conjuntion with the firewall and the anti-spyware programs to
give me the best possible protection, and I learned that my machine was
LOADED with cookies that was constantly transmitting SOMETHING from my
computer to "phone home" servers.

After tracing these transmissions, I learned that Doubleclick.net and
Hitbox.com were just a couple of sites who was collecting data from me.

Now exactly WHAT was being extracted from my computer I don't know, but I
DO
know that the ZoneAlarm went nuts with warning screens that data was being
transmitted out to port 80 and several other ports on a constant basis.

Point-in-case, I respectfully disagree with your statement. Granted,
cookies
are simple data forms and do not contain executable program data, but on
the
same token, they DO transmit unencrypted data that does NOT have to be
sent
out without the user's knowledge the instant a user re-connects to
whereever.com.

I make an equal effort to combat third-party cookies along with viruses
and
hacks.

Thanx for reading this!

MSM1, BSB/IS-UOP
Click to expand...

Cookies do NOT transmit data. However, a Web site may query a cookie for
its data. If a Web site puts a doubleclick cookie on your computer, any
other Web site that uses the doubleclick cookie will add information to the
cookie. Then any Web site that queries the doubleclick cookie will get that
information.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/security/protect/default.aspx
http://defendingyourmachine.blogspot.com/
 
Frank
Could you please explain the difference between a cookie and a tracking
cookie?
Derek N
 
Ok Frank, I think I have found the definitions.

From http://www.webopedia.com/TERM/c/cookie.html, What is a Cookie?
A message given to a Web browser by a Web server. The browser stores the
message in a text file. The message is then sent back to the server each
time the browser requests a page from the server.

From http://www.stopzilla.com/glossary/Tracking_Cookie.asp
Tracking Cookies are mainly used to collect data regarding user tendencies
such as Web Sites visited and behavioural activity. This valuable marketing
data can then be used by the 3rd party to display highly targeted
advertisements via Adware and/or Spyware Software.

Derek N
 
Frank, in your statement: "Cookies do NOT transmit data.", my question is if
cookies do not transmit data per se, then exactly how does the doubleclick
website obtain my information?
The minute anyone who logs into a site that will "activate" the doubleclick
cookie, am I correct that the cookie sends, hence transmits, the information
to whatever relevant site?

Either way, I have a problem with a cookie that has been identified as
spyware or third party. Granted, doubleclick is one of MANY who Spybot S&D,
MS Anti-spyware Beta, ZoneAlarm, and AdAware has identified as "not so good
tasting cookies".

Let alone, I logged in to three different websites where a nasty little
virus was planted (2 worms and 1 trojan)
After the cleanup, I learned that the trojan was planted in my machine from
a "third party source via cookies". At least this was what I was lead to
understand. Once the cookie was planted, it phoned home, launched a pop-up
window, and connected to a website with nothing more than the IP address in
the address section of the browser. (IE 6)
Then once connected, it automatically downloaded, installed and tried to
outbound the BonziBuddy. Granted, I am running a 2.4 Gig XP machine, this
all happened within literally seconds.
Thank goodness for ZoneAlarm! It stopped ALL outbound transmissions long
enough for my anti-virus program (Anti-Vir at the time) to take over and
eliminate all the bad software including the cookie and registry keys.

MSM1
BSB/IS, UOP
 
MSM1 said:
in your statement: "Cookies do NOT transmit data.", my
question is if cookies do not transmit data per se, then exactly how
does the doubleclick website obtain my information?
The minute anyone who logs into a site that will "activate" the
doubleclick cookie, am I correct that the cookie sends, hence
transmits, the information to whatever relevant site?
Click to expand...

Cookies do not transmit anything, period. A cookie is a file for storage of
data only. A web site that leaves a cookie on your PC can read it back
again when you visit the same site again. The cookie is planted on your PC
as part of the HTTP web protocol, and it can be read again by the HTTP web
protocol. Neither you nor ZoneAlarm will see this data being received or
transmitted, as it is all part of the HTTP exchanges between your web
browser and the web site. You "visit the site again" by virtue of
downloading another advertisement GIF from the advertising site: almost
every advert graphic nowadays is associated with a cookie transaction.

If your firewall has detected "transmissions" to remote sites, then simply
your PC is infected with spyware: that is what spyware does. You need to
clean your PC of spyware. These transmissions are not caused by cookies.

A cookie cannot cause any transmission to occur which is detectable by
firewalls (unless the firewall actually analyses the contect of HTTP
requests sent by your browser to web sites, and looks out for cookie data).
 
Robin said:
Cookies do not transmit anything, period. A cookie is a file for storage of
data only. A web site that leaves a cookie on your PC can read it back
again when you visit the same site again. The cookie is planted on your PC
as part of the HTTP web protocol, and it can be read again by the HTTP web
protocol. Neither you nor ZoneAlarm will see this data being received or
transmitted, as it is all part of the HTTP exchanges between your web
browser and the web site. You "visit the site again" by virtue of
downloading another advertisement GIF from the advertising site: almost
every advert graphic nowadays is associated with a cookie transaction.

If your firewall has detected "transmissions" to remote sites, then simply
your PC is infected with spyware: that is what spyware does. You need to
clean your PC of spyware. These transmissions are not caused by cookies.

A cookie cannot cause any transmission to occur which is detectable by
firewalls (unless the firewall actually analyses the contect of HTTP
requests sent by your browser to web sites, and looks out for cookie data).
Click to expand...

Well, all MVP.s really protecting these cookies, why ? It
must be up to
every user to decide if this is against their privacy policy.

I don´t like statistic tracking cookies so I always remove them.

Is it MSN you protect ?
 
I don't think we are "protecting" cookies in any way. You've probably
noticed that when I mention scanning with other products, and those products
detect cookies that they consider related to spyware, I blow them away.

There are a couple of issues here: 1) understanding the technology. MSM1
has a significant misunderstanding--he's ascribing actions to cookies.
Cookies are text files, they can't "act."

2) the question of the privacy issue with regard to cookies. As far as I'm
concerned, I am happy to have cookies removed as they relate to spyware
vendors, sites distributing spyware, and any advertising distributed via
spyware. I suspect the question is defining these accurately.

I don't know what the issues are that caused Microsoft to remove cookie
scanning from the beta builds distributed thus far. I think it is likely
that cookies will be scanned and offered for removal in a future build.
Whether Microsoft will draw the line about which cookies are "good" and
which are "bad" differently from some other vendor, I don't know. I believe
they will be making whatever distinction they decide to make based on
objective and legally defensible grounds. And we want them to do that,
because we don't want the genuine bad apples to be able to force them to
change those detections.
 
Robin,

From what I am to understand, are third party cookies are planted from just
simply logging in to, for example, weather.com that has a mortgage ad on it
simply due to the fact that the ads themselves have associated cookies with
them?

I guess I have the seemingly nil understanding I do because I have learned
that cookies contain information that is recorded against the users
knowledge.
I am the LEAST bit happy with knowing this mortgage company is tracking my
surfing habits just because I am a weather buff and log into weather.com
repeatedly.

I do appreciate the tech breakdown of what cookies are and how they operate.
I still am not comfortable wondering if there is any chance that there
servers and sites out there collecting ANY information about me or my
machine. Be it aggregate anonymous informatin or not. The only information I
want transfered other than what I type into the website is just tech stuff
that allows a feasible, secure connection. Nothing more.

MSM1
 
The weather website is only keeping track of the number of times you view
the mortgage ad. That's how they bill for advertising, by number of viewed
impressions. If you don't want the cookies, adjust your browser privacy
settings to not accept 3rd party cookies. It's that simple.
 
Mr. Sanderson,

You will have to pardon my seemingly blatent understanding of cookies. As I
have mentioned before, when I get several products and live Internet scans
telling me that said cookie is bad, malware, adware, tracking, etc, then a
person seems to have a tendancy to want it gone! And this is from free
software and Betas!

Let alone all of the "talk of the town" out there on the Internet declaring
war on "bad cookie sites" are splashed across computer screens worldwide
just about as often as all of those stupid ads.

Granted I do understand that "some features" of some websites will not work
normally if the site is not allowed to plant a cookie. BUT- my issue is I do
not believe that all these extra, fancy features are worth the time or
trouble if the website ADDITIONALLY needs to track anything unbeknownst from
my machine.
And yes, I have heard from several sources that cookies transmit data. This
may technically be false, BUT some cookies earned a real bad name and it was
not from just "sitting as an innocent little data file".

All in all, I either delete or completely block practically 95% of any
incoming cookies. I block ALL third-party cookies, monitor cookie by cookie
any others, and allow ONLY session cookies. If I get any problems from a
site, I block 100% of the cookies.

MSM1
 
Back
Top