Tracking Cookies

[Guest]

Hi,

Windows Defender doesn't currently detect tracking cookies that most other
Vendors products detect. eg. Adaware, Spy Bot, Spy Sweeper.

Shouldn't these items be scanned for as well by Windows Defender as although
relatively minor they still pose a privacy threat.

Al.

 

[Guest]

WD doesn't detect tracking cookies
Internet Explorer 7 has a new feature called delete browsing history

 

[Mike Chan [MSFT]]

We have stated before that they are not a security concern, and although a
privacy concern, the proper place for cookie management is the web browser
(they set them and are the only ones who know the context of how they got
there)

Many spyware vendors keep detecting them because it shows that their PAID
product is continaully doing something, but in reality, all they are doing
is overhyping cookies and tricking customers into thinking their product is
doing something.

If you really don't like 3rd party cookies - turn them off in Firefox or
IE...

However, if we are to discover a way to tell if a text file (which is what a
cookie is) is good/bad by looking at it, we'd be interested in looking at it
=)

Most vendors just go around deleting cookies from some domains, and that is
not an objective process - and many wanted cookies are eliminated that way
as well.

IE has very powerful cookie management technology using P3P (privacy
policies from websites) that customers may just need more education on.

--
Mike Chan [MSFT]
Technical Product Manager
Windows Defender

This posting provided "AS IS" with no warranties, and confers no rights.
--

Hi,

Windows Defender doesn't currently detect tracking cookies that most other
Vendors products detect. eg. Adaware, Spy Bot, Spy Sweeper.

Shouldn't these items be scanned for as well by Windows Defender as
although
relatively minor they still pose a privacy threat.

Al.

--
Mike Chan [MSFT]
Technical Product Manager
Windows Defender

This posting provided "AS IS" with no warranties, and confers no rights.
--

 

[Linuxgirl]

We have stated before that they are not a security concern, and
although a privacy concern, the proper place for cookie management is
the web browser (they set them and are the only ones who know the
context of how they got there)

I disagree with that. On Windows systems I use a cookie manager that after
accepting a cookie, automatically deletes it. I do agree that Cookies are of
little concern and easily deleted but MS needs to address the concerns,
valid or not, of the people who use their OSs.

Many spyware vendors keep detecting them because it shows that their
PAID product is continaully doing something, but in reality, all they
are doing is overhyping cookies and tricking customers into thinking
their product is doing something.

That sounds like as good an excuse as any for MS not to include cookies in
their Defender removal tools. Are you actually serious? Do you really think
people will believe nonsense like that?

If you really don't like 3rd party cookies - turn them off in Firefox
or IE...

However, if we are to discover a way to tell if a text file (which is
what a cookie is) is good/bad by looking at it, we'd be interested in
looking at it =)

Most vendors just go around deleting cookies from some domains, and
that is not an objective process - and many wanted cookies are
eliminated that way as well.

Not true

IE has very powerful cookie management technology using P3P (privacy
policies from websites) that customers may just need more education
on.

Not true.



LG

 

[plun]

Not true.

LG

Hi LG

In theory true......

But not in the bad guys world, tracking Zombies and hijacked PCs
with Spyware cookies.

MS tries to save investments for a dead technology

TPM cookies maybe

Regards
plun

 

[Guest]

I agree with Mr. Chan. If you run Sypbot, Lavasoft Ad-Aware and a-squared,
you get a list of tracking cookies. Have you ever noticed that the lists are
not identical. Even the spyware program developers can't agree. What
concerns me is that if you take away this information (i.e. delete the
cookies) and enough people start doing this, then these companies that
collect the info will start developing even more insidious ways to get the
same and if not more information (it's probably being done). I know this
argument has a lot of holes in it. I am not even sure that deleting the
cookies resolves the issue because information has already been collected.

We have stated before that they are not a security concern, and although a
privacy concern, the proper place for cookie management is the web browser
(they set them and are the only ones who know the context of how they got
there)

Many spyware vendors keep detecting them because it shows that their PAID
product is continaully doing something, but in reality, all they are doing
is overhyping cookies and tricking customers into thinking their product is
doing something.

If you really don't like 3rd party cookies - turn them off in Firefox or
IE...

However, if we are to discover a way to tell if a text file (which is what a
cookie is) is good/bad by looking at it, we'd be interested in looking at it
=)

Most vendors just go around deleting cookies from some domains, and that is
not an objective process - and many wanted cookies are eliminated that way
as well.

IE has very powerful cookie management technology using P3P (privacy
policies from websites) that customers may just need more education on.

--
Mike Chan [MSFT]
Technical Product Manager
Windows Defender

This posting provided "AS IS" with no warranties, and confers no rights.
--

Hi,

Windows Defender doesn't currently detect tracking cookies that most other
Vendors products detect. eg. Adaware, Spy Bot, Spy Sweeper.

Shouldn't these items be scanned for as well by Windows Defender as
although
relatively minor they still pose a privacy threat.

Al.

--
Mike Chan [MSFT]
Technical Product Manager
Windows Defender

This posting provided "AS IS" with no warranties, and confers no rights.

 

[Guest]

Mike Chan and Mr Cat are both correct, most true Anti-Spyware applications
have dead ended their support for cookies in favor of allowing the Browser to
manage these. If you don't want cookies, just turn them off or reject them!
Of course, some sites won't allow you to browse with them off, but should it
really worry you that they're keeping info in a cookie? They can easily
collect the same information on their own end of the connection.

In truth, it's always been the Third-Party Tracking cookies that bothered
the most. It's possible in IE6 to simply disable these completely. In fact,
it's recommended by the developers of Spybot Search & Destroy, here in their
online FAQ. I've seen posts by Patrick Kolla himself where he recommended
this alternative.
http://www.safer-networking.org/en/faq/37.html

I've had Third-Party Cookies set to 'Block' and First-Party Cookies set to
'Prompt' for over a year and have had no problem accessing web sites. The few
I use regularly and trust are set to Always allow and those that annoy me
with constant prompts I set to Always block. Only the first few days were
'noisy' as I Allowed/Blocked the most used sites, I rarely see a promt now
during normal daily usage.

No need to 'Manage' cookies anymore, though I occasionally browse through
the 'Web Sites' list in IE, more out of curiosity then need. Removing cookies
after the fact is basically worthless, the 'damage' of being tracked within
the site has already been done and would be better avoided in the first
place. This only avoids tracking on the same site the next time you return,
but why would you if you don't trust them?

Bitman