S
SpywareBetaUser
http://ptech.wsj.com/ptech.html
Personal Technology
July 14, 2005
Despite Others' Claims, Tracking Cookies Fit My Spyware
Definition
By WALTER S. MOSSBERG
Suppose you bought a TV set that included a component to
track what
you watched, and then reported that data back to a
company that used
or sold it for advertising purposes. Only nobody told you
the tracking
technology was there or asked your permission to use it.
You would likely be outraged at this violation of
privacy. Yet that
kind of Big Brother intrusion goes on every day on the
Internet,
affecting millions of people. Many Web sites, even from
respectable
companies, place a secret computer file called
a "tracking cookie" on
your hard disk. This file records where you go on the Web
on behalf of
Internet advertising companies that later use the
information for
their own business purposes. In almost all cases, the
user isn't
notified of the download of the tracking cookie, let
alone asked for
permission to install it.
Luckily, the leading Windows antispyware programs can
detect and
remove these tracking cookies. It is the best defense a
user has
against this tactic.
Now, though, some of the companies that place these files
on your hard
disk are complaining about that defense. Some are urging
the
antispyware software companies to stop detecting and
removing tracking
cookies. They assert that the secret placement of these
tracking
mechanisms is a legitimate business practice, and that
tracking
cookies aren't really spyware or aren't harmful.
Unfortunately for consumers, this twisted reasoning is
having some
impact. In the most notable case, Microsoft disabled the
detection and
removal of tracking cookies when it purchased an
antispyware program
from a small company called Giant and turned it into
Microsoft Windows
AntiSpyware. That is a big reason why I can't recommend
the Microsoft
product, which still is in the test phase but is
available for anyone
to download.
Microsoft says it still is evaluating how to treat
tracking cookies in
the program's final release. I believe it is important
for consumers
to know who is on their side right from the start and who
may be being
swayed by companies that do things to your computer
without telling
you.
The antispyware program I currently use and recommend,
Spy Sweeper
from Webroot Software, still detects and removes tracking
cookies. So
does another antispyware program derived from some of the
same
computer code as the Microsoft product -- CounterSpy, by
Sunbelt
Software. I haven't tested the latter program, but it has
received
good reviews elsewhere. There are other antispyware
programs as well
that still treat tracking cookies as spyware.
To understand the tracking-cookie issue, you have to know
something
about cookies overall, and you have to know what spyware
actually is.
Cookies are small text files that Web-site operators --
and
third-party companies that insert ads into Web sites --
place on a
user's computer. Many types of cookies are harmless or
even helpful.
For instance, a cookie might help a Web site remember
your preferences
for what news topics you chose to see. With your
permission, it might
store your login information, so you don't have to type
it in each
time you visit a particular site. Antispyware programs
aren't designed
to detect or remove these helpful cookies.
Tracking cookies shouldn't be confused with these other
cookies. They
have no user benefit except the vague promise that the
ads you get as
a result may be better tailored to your interests.
What is spyware? There are many definitions, but here is
mine, in two
sentences. Spyware -- and a related category called
adware -- is
computer code placed on a user's computer without his or
her
permission and without notification, or with notification
so obscure
it hardly merits the term. Once installed, spyware and
adware alter
the PC's behavior to suit the interests of outside
parties rather than
those of the owner or user.
Examples of spyware and adware include programs
called "browser
hijackers," which reset the home page or search engine
used by your
browser so the user is diverted to the sites of the
spyware and adware
companies or their clients. Others record your activities
and report
them to outside parties. Still others push ads in your
face, even when
you aren't using the Web.
Some tracking-cookie purveyors say their cookies aren't
really spyware
because they aren't full-fledged programs and they aren't
as
outrageous as spyware programs like "key loggers," which
record and
report every keystroke you enter. Others argue that the
companies
don't collect personally identifiable data, only
aggregate data from
many users. To me, tracking cookies clearly meet the
obvious
definition of spyware.
Rather than trying to legitimize tracking cookies with
pressure and
marketing campaigns, I suggest that, if they really
believe tracking
cookies are legitimate, the companies that use them
simply go
straight. They should ask a user's permission to install
the cookies,
pointing out whatever user benefits they believe the
cookies provide.
They might even offer users compensation for allowing
tracking cookies
on their machines.
Until that happens, here is my advice: If you don't like
the idea of
tracking cookies, run an antispyware program that detects
and removes
them, along with all the other indefensible computer code
some
companies think they have the right to install. After
all, it is your
computer.
Write to Walter S. Mossberg at (e-mail address removed)
----------------------------------------------------------
----------------------
Copyright © 2005 Dow Jones & Company, Inc. All Rights
Reserved.
Printing, distribution, and use of this material is
governed by your
Subscription Agreement and copyright laws.
For information about subscribing, go to
http://online.wsj.com
Personal Technology
July 14, 2005
Despite Others' Claims, Tracking Cookies Fit My Spyware
Definition
By WALTER S. MOSSBERG
Suppose you bought a TV set that included a component to
track what
you watched, and then reported that data back to a
company that used
or sold it for advertising purposes. Only nobody told you
the tracking
technology was there or asked your permission to use it.
You would likely be outraged at this violation of
privacy. Yet that
kind of Big Brother intrusion goes on every day on the
Internet,
affecting millions of people. Many Web sites, even from
respectable
companies, place a secret computer file called
a "tracking cookie" on
your hard disk. This file records where you go on the Web
on behalf of
Internet advertising companies that later use the
information for
their own business purposes. In almost all cases, the
user isn't
notified of the download of the tracking cookie, let
alone asked for
permission to install it.
Luckily, the leading Windows antispyware programs can
detect and
remove these tracking cookies. It is the best defense a
user has
against this tactic.
Now, though, some of the companies that place these files
on your hard
disk are complaining about that defense. Some are urging
the
antispyware software companies to stop detecting and
removing tracking
cookies. They assert that the secret placement of these
tracking
mechanisms is a legitimate business practice, and that
tracking
cookies aren't really spyware or aren't harmful.
Unfortunately for consumers, this twisted reasoning is
having some
impact. In the most notable case, Microsoft disabled the
detection and
removal of tracking cookies when it purchased an
antispyware program
from a small company called Giant and turned it into
Microsoft Windows
AntiSpyware. That is a big reason why I can't recommend
the Microsoft
product, which still is in the test phase but is
available for anyone
to download.
Microsoft says it still is evaluating how to treat
tracking cookies in
the program's final release. I believe it is important
for consumers
to know who is on their side right from the start and who
may be being
swayed by companies that do things to your computer
without telling
you.
The antispyware program I currently use and recommend,
Spy Sweeper
from Webroot Software, still detects and removes tracking
cookies. So
does another antispyware program derived from some of the
same
computer code as the Microsoft product -- CounterSpy, by
Sunbelt
Software. I haven't tested the latter program, but it has
received
good reviews elsewhere. There are other antispyware
programs as well
that still treat tracking cookies as spyware.
To understand the tracking-cookie issue, you have to know
something
about cookies overall, and you have to know what spyware
actually is.
Cookies are small text files that Web-site operators --
and
third-party companies that insert ads into Web sites --
place on a
user's computer. Many types of cookies are harmless or
even helpful.
For instance, a cookie might help a Web site remember
your preferences
for what news topics you chose to see. With your
permission, it might
store your login information, so you don't have to type
it in each
time you visit a particular site. Antispyware programs
aren't designed
to detect or remove these helpful cookies.
Tracking cookies shouldn't be confused with these other
cookies. They
have no user benefit except the vague promise that the
ads you get as
a result may be better tailored to your interests.
What is spyware? There are many definitions, but here is
mine, in two
sentences. Spyware -- and a related category called
adware -- is
computer code placed on a user's computer without his or
her
permission and without notification, or with notification
so obscure
it hardly merits the term. Once installed, spyware and
adware alter
the PC's behavior to suit the interests of outside
parties rather than
those of the owner or user.
Examples of spyware and adware include programs
called "browser
hijackers," which reset the home page or search engine
used by your
browser so the user is diverted to the sites of the
spyware and adware
companies or their clients. Others record your activities
and report
them to outside parties. Still others push ads in your
face, even when
you aren't using the Web.
Some tracking-cookie purveyors say their cookies aren't
really spyware
because they aren't full-fledged programs and they aren't
as
outrageous as spyware programs like "key loggers," which
record and
report every keystroke you enter. Others argue that the
companies
don't collect personally identifiable data, only
aggregate data from
many users. To me, tracking cookies clearly meet the
obvious
definition of spyware.
Rather than trying to legitimize tracking cookies with
pressure and
marketing campaigns, I suggest that, if they really
believe tracking
cookies are legitimate, the companies that use them
simply go
straight. They should ask a user's permission to install
the cookies,
pointing out whatever user benefits they believe the
cookies provide.
They might even offer users compensation for allowing
tracking cookies
on their machines.
Until that happens, here is my advice: If you don't like
the idea of
tracking cookies, run an antispyware program that detects
and removes
them, along with all the other indefensible computer code
some
companies think they have the right to install. After
all, it is your
computer.
Write to Walter S. Mossberg at (e-mail address removed)
----------------------------------------------------------
----------------------
Copyright © 2005 Dow Jones & Company, Inc. All Rights
Reserved.
Printing, distribution, and use of this material is
governed by your
Subscription Agreement and copyright laws.
For information about subscribing, go to
http://online.wsj.com