Cookie Scan

[MSM1]

"JohnF." wrote in message: "How is a hitbox cookie going to endanger your
trading activites?"

From what I am understanding, Hitbox won't endanger your trading activities
per se. The hitbox.com cookie is a tracking cookie. What exactly it tracks I
am not sure, but I was told that it tracks your Internet behavior.

MSM1

 

[MSM1]

My point is that I am NOT viewing the mortgage ad! Maybe their defenition
of viewing is that I see it when I open the home page of the weather site,
but since I do already block ALL third party site cookies, I feel that a
cookie is absolutely NOT NEEDED if I don't knowingly click on that blessed
ad!

MSM1

 

[JohnF.]

"You embed a HitBox Pro sensor in your web page source code (the sensor is
not visible to the viewer and does not affect page performance). Each time a
visitor accesses that page, the sensor sends a signal to the WebSideStory
servers. This method allows us to collect hundreds of statistics in real
time, available 24 hours a day."

The HitBox family of services is built to help Webmasters around the world
understand their anonymous site visitor and customer behavior. We act as
agents on behalf of some of the largest websites in the world to collect
this anonymous information for the purpose of improving online business
decision making.
Sometimes services such as ours are miss-construed as "spyware" or
"profilers." Neither of these is true. None of our services collect
personally identifiable information (PII). We also do not engage in the
profiling of individuals across multiple web properties, as some ad networks
have done in the past.
WebSideStory takes protection of personal privacy very seriously and has a
long standing commitment in this area. As such we hold privacy seals from
BBBOnline, TRUSTe, and are members of the Online Privacy Alliance as well as
other industry groups. Our privacy center contains additional information at
http://www.websidestory.com/privacy/

 

[plun]

"JohnF." wrote in message: "How is a hitbox cookie going to endanger your
trading activites?"

From what I am understanding, Hitbox won't endanger your trading activities
per se. The hitbox.com cookie is a tracking cookie. What exactly it tracks I
am not sure, but I was told that it tracks your Internet behavior.

Hi

Read this about Hitbox, I don`t want to be tracked..............

http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453060830

"Horsefeathers"......

 

[Segovia]

Sometimes services such as ours are miss-construed as "spyware" or
"profilers." Neither of these is true. None of our services collect
personally identifiable information (PII).

You folks just don't get it...

This computer belongs to ME. ALL the data on it belongs to ME, also...
and for that reason, I alone will decide who I allow to have my data.

Whether or not the data you collect is "personally identifiable" or not
is irrelevant. I, and many other computer users, are sick and tired of
software companies (like your "service") thinking they can collect any
damn thing they want from our computers just because [they claim] it's
not personally identifiable.

Obviously you haven't a clue what the anti-spyware/malware movement is
all about.

Have a rotten day.

 

[Derek N]

If cookies are innocent, why do they hide them away and make it so difficult
to remove them. I am thinking of cookies like Binet which took a
considerable effort to completely remove from my computer.
Derek N

 

[Bill Sanderson]

Cool it--As far as I know, JohnF was just quoting material from the cookie
salespeople--he didn't claim to be one.

--
FAQ for Microsoft Antispyware:
http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

Sometimes services such as ours are miss-construed as "spyware" or
"profilers." Neither of these is true. None of our services collect
personally identifiable information (PII).

You folks just don't get it...

This computer belongs to ME. ALL the data on it belongs to ME, also...
and for that reason, I alone will decide who I allow to have my data.

Whether or not the data you collect is "personally identifiable" or not
is irrelevant. I, and many other computer users, are sick and tired of
software companies (like your "service") thinking they can collect any
damn thing they want from our computers just because [they claim] it's
not personally identifiable.

Obviously you haven't a clue what the anti-spyware/malware movement is
all about.

Have a rotten day.

 

[Bill Sanderson]

I've never noticed any issue removing cookies. In general, if a file is in
use it is hard to remove, so an in-place trojan can have this effect. I
suppose a really nasty trojan could protect a cookie via permissions so that
it would be hard to remove--I didn't find a quick reference for the cookie
you named.

 

[MSM1]

From the outcome of several anti-spyware programs, and from what I have
learned about hitbox, there has been enough "anonymous information"
collected from virtually millions of computers without the user's consent to
be EASILY misconstrued as spyware.

I will stand firm on the fact that if either personally indentifiable OR
aggregate anonymous information is collected from my machine just because I
visited a public website it is an intrusion.

Intrusions DO NOT have to do damage or plant viruses to be considered
intrusive.

OK- Tell he how many people are paid to run around door-to-door asking if
they had purchased product "X" at the grocery store after witnessing them
coming home from the store.

"Hello. We happened to noticed that you drove into a neighborhood where we
are operating an information collecting business and we noticed that you
shopped at a store within sight of our business. Since we are hired by the
grocery store you just shopped at, we are here to collect "anonymous
information" about what products you just bought at the store, so we can go
back to the store and report this to the manager, so he can compile
"aggregate information" about what products were sold in his store. With
this information, the store manager can determine what products are selling
better than others, and he will use this information only to improve the
business of the companies to retail their products in said grocery store. We
do not need your permission to collect this information because nothing
personally identifialble (besides your ADDRESS) will be included in the data
collection, and you happend to shop at a store who hired us to collect data
for them."

How interesting? Huge corporations making money just simply because
thousands of users log in to whereever.com and their pretty little ads were
on the site! Then- there is the 50/50 chance that the company might MORE
money IF these web surfers actually clicked the ad, went to the third-party
website, and conducted business.

Granted, all legal and legit, just an intrusive pester!
Now that I have seen cookies defended beyond reality, I don't think anyone
can correct me or anyone else about us wanting this little anonymous
information collecting data file.

Grocery stores make real money from selling products-- not from collecting
information about who buy's what. When they do, this is what in-house
samples and surveys are about! Non anonymous information collecting!!

MSM1

 

[Bill Sanderson]

That's terrific--you are using the options built-in to the browser--and
expanded since the original design, as I recall--to control the privacy
issue. This is a fine thing to do.

There's a lot of hype in the antispyware area. Some of it is very bad--i.e.
fake antispyware products which, in fact, are spyware themselves, pushed via
popups and overblown advertising.

Even the terminology used with the most popular programs: I run Microsoft
Antispyware and scan regularly. I just completed a Spybot Search & Destroy
scan with current definitions--it found nothing at all. I now scan with
Lavasoft's Adaware, which finds "8 New Critical Objects:

Started tracking cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:[email protected]/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bills@statcounter[2].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:[email protected]/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bills@versiontracker[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bills@bravenet[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
http://www.filefront.com/

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bills@cgi-bin[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/cgi-bin

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 8
Objects found so far: 8

I've looked at the content of these cookies, and I've looked at the web
sites associated, when I could spot that easily, and none of them looks like
something I particularly want lying around, so I'll blow these away.

But I wouldn't compare them, even in aggregate, with, for example a
keylogger found in place.

So declaring them as "8 Critical Objects" seems a bit overblown to me.

(But I'll go ahead and remove them. There are, by the way, 870 cookies
amongst which Lavasoft picked these 8, so it is being quite selective.)

 

[MSM1]

Interesting...

I have had at least 4 of those 8 cookies on my machine and I also gave these
cookies a real good internal look. And I did not particularly like what I
saw either.
From what I learned, the key words that signal the scanners is "ads",
"servedby", "cgi-bin", and various others.

Aside the scanning software, what also clued me in was that over half of
these "bad" cookies came into various web pages as third party. Let alone,
the live scanner from ZoneAlarm declared ANY and ALL third party cookies as
potentially harmful. And the average scanner considers tracking as harmful.
You and I know that aggregate data collection is nowhere near as harmful as
a stupid virus, yet, there still are privacy issues.

My confession here: my ultimate paranoia is stemmed from that fact that
before I got my new XP machine, I used to run an old (ancient!) Pentium 1
computer with Win 98.
I have to say that it was primarily built for Win 95 at the most, but, I
pushed that old 166 Mhz processor to the limit with 98.
Now, I ran constantly with NO firewall, limited virus protection, no
anti-spyware app of ANY sort, AND I was an active member of: Comet Cursor,
MarketScore, and I had almost 45 different doubleclick and hitbox cookies
that some was set to expire in 2035 or so. As a matter of fact, 3 of the
hitbox cookies had swollen with data to weigh in at 23 k's each!!

Then, I was not too registry savvy at that time either. So-- the machine was
so overloaded with crap until it finally got to the point where it would not
even boot! It would only partically load Windows, then freeze.

Solution: I did a complete format of the C: drive. As a matter of fact, I
formatted it 3 times in a row, then I installed a fresh, clean copy of 95
and took it off of the Internet.
(It now serves as a homework and typing practice machine for my kids!)

Since then, I have endeavored to educate myself on all the hype of complete
computer and systems security.

Thanx for the info!

MSM1

 

[Derek N]

Bill apparently I believe it is a Tracking Cookie, it is also known as "Advware.BetterInternet" see http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453088466.
I think BINet is derived from Better IinterNet.
Derek N

 

[Derek N]

Bill,
I have also found reference to this BetterInternet at
http://www.scanspyware.net/info/VX2.BetterInternet.htm. Apparently
Scanspyware call it "VX2.BetterInternet, also I notice that Ad-Aware SE now
have a Cleaner Plug-in for VX2s.
Derek N

 

[Russ Pyne]

Simple answer to JohnF. I do not have the time, nor should I have to check
what a cookie contains. Wipe these vermin from our machines.

Russ Pyne

 

[JohnF.]

More correctly, the store is collecting information about what OTHER
products you buy when you buy one particular item and that information helps
them understand what products to place near each other and where to put them
on the shelves. When you visit the store, they also have free samples and
those people also note what you are buying when you take a sample.

DEMOGRAPHICS is a very detailed and well managed subject and advertising has
been doing this many years longer than cookies have been around.

JohnF.

 

[JohnF.]

The web pages you visit DON'T belong to you - when you visit a website, you
are also indirectly providing your consent. The data in a cookie is
information YOU GAVE THE WEBSITE and the website asked to save it on your
computer rather than theirs and you said yes.


JohnF.

Sometimes services such as ours are miss-construed as "spyware" or
"profilers." Neither of these is true. None of our services collect
personally identifiable information (PII).

You folks just don't get it...

This computer belongs to ME. ALL the data on it belongs to ME, also...
and for that reason, I alone will decide who I allow to have my data.

Whether or not the data you collect is "personally identifiable" or not
is irrelevant. I, and many other computer users, are sick and tired of
software companies (like your "service") thinking they can collect any
damn thing they want from our computers just because [they claim] it's
not personally identifiable.

Obviously you haven't a clue what the anti-spyware/malware movement is
all about.

Have a rotten day.

 

[JohnF.]

www.anonymizer.com

Tin foil is extra.

JohnF.

Simple answer to JohnF. I do not have the time, nor should I have to check
what a cookie contains. Wipe these vermin from our machines.

Russ Pyne

 

[JohnF.]

Uh, cookie folder? Internet Explorer Tools menu, Internet Options, Delete
Cookies Button???

That was tough...

 

[JohnF.]

That's adware, not a cookie.


Bill apparently I believe it is a Tracking Cookie, it is also known as "Advware.BetterInternet" see http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453088466.
I think BINet is derived from Better IinterNet.
Derek N

 

[Bill Sanderson]

I happen to have direct experience with this one--they in fact have a web
site which I wont post directly here, but you can figure it out www.etc.com

It is quite slick looking, but everything it installs comes with the VX2
adware as a hidden extra--that's the primary purpose of the site. In my
case, I went to the site with the intent of testing Microsoft Antispyware on
a VPC. I installed one of their applets, and found that Microsoft
Antispyware was capable of removing it just fine.

However-it doesn't surprise me that your experience was different--these
things mutate over time, and they bring in additional packages, etc.