Cookie request from MSN.com in this forum? YES!

[linux-newbie]

WTF!? I go to read "all for crashing the M$ webserver..." post around 8:55 PM MDT and my cookie manager gives me a request from, of all places MSN.com - but ONLY on this one topic! I trtied server others as well as different forum areas but ONLY that topic has that cookie request. Here is the basic info:

Name: MC1
Value: E54DE98BDA57054A492B
Expire: 2003-10-01  18:00
Path: /
Domain:  .msn.com
Is Secure: False

As I said, WTF?

Regards,
Linux-newbie

[ April 17, 2002: Message edited by: linux-newbie ]

[linux-newbie]

Hmm, fat fingers and dyslexia - MSN.com

[linux-newbie]

Hmmm, just looked at the "2000 Server Review" topic and got the same request!! What gives?

[SpeeDFreaK]

"The man" is watching us...

I got the cookie on both topics too... maybe it's a client-side thing. But i'm still a little spooked.

[Calum]

it's jptenrod, his signature graphic is hosted at http://communities.msn.com/_Secure/0OAARG5kUukYYm1icqdeTiUzXiiHsFTcPCh1IorxoeY1FMKRbjKuVwPIIs9u0Uteytd6!vCF3md!BB1uCOmmtewAAAAAAAAAA/dolphin.gif" target="_blank">http://communities.msn.com/_Secure/0OAARG5kUuk
YYm1icqdeTiUzXiiHsFTcPCh1IorxoeY1FMKRbjKuVwPIIs9u
0Uteytd6!vCF3md!BB1uCOmmtewAAAAAAAAAA/dolphin.gif

or at least it was in the past. I had heard he had changed it but perhaps some of his links are hard links (ie they didn't get updated when he changed hosts) there is actually a whole topic telling him about this, i suggest you post this info there, and let him edit out the image himself...

[ April 18, 2002: Message edited by: Calum ]

[Calum]

not all of his posts have been fixed up, a couple slipped the net.
i was thinking of sending him a PM to tell him about it but i didn't  

[Zombie9920]

Oh no! The cookie monster is gonna get you all!
IE has something that your primative browsers must not have. It is called cookie control.

Pretty nifty eh?
http://zombie9922.homestead.com/files/cookieblock.jpg

This indicates that the cookies for a site have been blocked. In this example I have the cookie for this site blocked.
http://zombie9922.homestead.com/files/cookieisblocked.jpg

[ April 18, 2002: Message edited by: Zombie9920 ]

[Calum]

oh pish and tosh!

all the other browsers handle cookies fine, if in slightly different ways, the problem is those fucking sites that won't let you view them without cookies, for so called "security reasons".

Besides, it's the principle of the thing, are you one of those people who thinks that only people with something to hide want their privacy?

[Zombie9920]

quote:Originally posted by Calum:
Besides, it's the principle of the thing, are you one of those people who thinks that only people with something to hide want their privacy?

Not at all. I keep my browsers' cookie control set at Medium-High at all times. It is low enough to where I can use forums but it is high enough to block the cookies from ad sites, porn popups, etc. It is a well known fact that ad sites use cookies to collect information about you and your interests so they can pop up ads that will interest you(so you will click on the stupid ad). I'm not very worried about hackers seeing my cookies because I have yet to have my system hacked(My firewalls block people everyday and I have *EVERY* port stealthed).

Really, I doubt MS gives a damn what sites you visit. I really doubt that MS reads anyones cookies. They have more important stuff to deal with than to sit around and browse peoples' cookies.

[Calum]

:eek:    :eek:    :eek:  
i agree with everything you just said!!!
well they say there's a first time for everything!

no, as i have intoned in the past, the privacy compromise is rarely about tracking individuals, it is about second parties selling first party information and statistics (gathered through easy to write and cheap software) to third parties and not giving any of the proceeds to the first parties (that's you and me) whose statistics and data they sold in the first place.

bringing it back to that car analogy, it's like somebody hiring out your car to strangers at night and keeping all the money because you were sleeping and wouldn't have used it then anyway.

[Master of Reality]

quote:Originally posted by Zombie9920:


Not at all. I keep my browsers' cookie control set at Medium-High at all times. It is low enough to where I can use forums but it is high enough to block the cookies from ad sites, porn popups, etc. It is a well known fact that ad sites use cookies to collect information about you and your interests so they can pop up ads that will interest you(so you will click on the stupid ad). I'm not very worried about hackers seeing my cookies because I have yet to have my system hacked(My firewalls block people everyday and I have *EVERY* port stealthed).

Really, I doubt MS gives a damn what sites you visit. I really doubt that MS reads anyones cookies. They have more important stuff to deal with than to sit around and browse peoples' cookies.

i like mozilla for handling cookies. I just set it to allow cookies from fuckmicrosoft.com and nowhere else. The only sites that i have been to that make you use cookies is microsoft sites (hotmail). Mozilla 9.9 has better cookie handling than the previous releases. I cant wait for 1.0 to come out!

------
these damn win keys (i hit them three times by accident in that post... Wheres that damn epoxy?

[ April 18, 2002: Message edited by: Master of Reality ]

[Slacker]

If a browser is working properly then a cookie shouldnt really ever be a security risk.  The way a cookie is set is the server sends the cookie information through http and the browser says...  ok this cookie is from this domain and makes a little file for it.  Only this domain will beable to see this cookie..    And it will only beable to see the cookie.. nothing else.. the cookie is put in the http request whenever it see's the domain.. nothing else..    The problem is we think that the server peers in on our system..  so we think its a security risk.  but thats not what happens.  the cookie is sent when requesting the page.    And only that server will see it because the browser isnt going to send that cookie to another server.    As far as a cookie request from MSN.com that doesnt make any sense unless this forum has a hidden frame with msn.com in it.

[ April 18, 2002: Message edited by: Slacker ]

[Calum]

quote:Originally posted by Slacker:
If a browser is working properly then a cookie shouldnt really ever be a security risk.  The way a cookie is set is the server sends the cookie information through http and the browser says...  ok this cookie is from this domain and makes a little file for it.  Only this domain will beable to see this cookie..    And it will only beable to see the cookie.. nothing else.. the cookie is put in the http request whenever it see's the domain.. nothing else..    The problem is we think that the server peers in on our system..  so we think its a security risk.  but thats not what happens.  the cookie is sent when requesting the page.    And only that server will see it because the browser isnt going to send that cookie to another server.    As far as a cookie request from MSN.com that doesnt make any sense unless this forum has a hidden frame with msn.com in it.

[ April 18, 2002: Message edited by: Slacker ]

fine, did you ever notice that every time you log in to hotmail, you pick up a cookie (which it is not compulsory to accept) that doesn't match the server path? why? is it so information other than that for which a cookie is intended can be gathered? what's the theory behind that?
Also, tell us about third party cookies? where do they come in, hmm?
Cookies may not be a security risk in the ideal world, but in an ideal world nobody would go hungry and we'd all be happy. The real world as you know is very different.

[Zombie9920]

quote:Originally posted by Master of Reality:


i like mozilla for handling cookies. I just set it to allow cookies from fuckmicrosoft.com and nowhere else. The only sites that i have been to that make you use cookies is microsoft sites (hotmail). Mozilla 9.9 has better cookie handling than the previous releases. I cant wait for 1.0 to come out!

[ April 18, 2002: Message edited by: Master of Reality ]

Well, Mozilla RC-1 is available for download. You can get it over at http://www.mozilla.org/releases/

[Calum]

you're slipping, X11, where's the map, and the driving directions to his front door?