Web bugs and cookies

By Rik Farrow, ITworld.com |  Business

The collusion Griffin found across Microsoft sites should be impossible, but
Microsoft manages it by using URL redirection. Griffin even provides an example of how
you can send a request to an ASP file at Microsoft to deliver your Microsoft GUID to
your own server.

Microsoft has created a working mechanism for using cookies to maintain user
information across sites. href="http://www.lanl.gov/projects/ia/library/bits/bits0697.html">Cookies are not
in themselves, but do provide information that helps track users. Users
concerned about the privacy of their browsing activity should take note of this
development. It could let organizations track your shopping habits or file

Smith notes that the Web bug problem is not limited to Microsoft applications. He's
prepared a FAQ on the

How do you track or manage cookies? Netscape browser users can edit their cookies
file by exiting Netscape, finding their cookies file (in the Netscape folder on Windows
or the .netscape directory in the user's home on
Unix), and deleting any lines they wish. Deleting cookies that were left under Internet
Explorer is much more difficult, as the information is stored in structured binary
files instead of text.

You can disable cookies, but if you do, you lose valuable functionality when
visiting sites such as Amazon.com that use cookies to identify you. Internet Explorer
lets you accept cookies only from trusted sites, but such sites very likely would
include Microsoft, which leaves you just where the current problem started.

There are many
third-party utilities for managing cookies
, though I have not tested any of them.
But the latest issues with Web bugs and cookies point out the more general need for
better control of the security functions of our Web browsers. For example, browser
vendors should offer a toolbar button that temporarily enables Java or JavaScript for a
single site and disables them by default as soon as you visit a different site. Those
developing the next generation of browsers need to make user security a primary

Join us:






Answers - Powered by ITworld

Ask a Question