RE: Moscow Fax intercept procedure,
Mon, 15 Nov 1999 18:13:05 -0800 (PST)
[: hacktivism :]
Sorry...seems none of us is either right nor
wrong....cookies are what they are written to
be...left at the discretion of the
coders.......while most are harmless there are
some that are not. The offending cookies I was
talking about were from off the wall sites at
least 3-4 yrs ago,not many are found now,but they
still do exist& they were of a type that actually
grew in size every time I surfed....believe it or
not,they did.from 1KB to 3 KB,and left alone to
observe them,they grew to be 11 KB before I
decided to dump them. Another cookie that
"shares" is the About.com cookie...and Delphi
cookie...I can access anywhere on either site
with only either one of those running.Dont
believe it? try it yourself. It works. To get
back to the Original posting of this topic,
some of these pages explain how 'they' get your
address to mail those zines to you.
Where did I get my information? here.
*************known cookie bugs:******************
the ciac says:
this site gave me some peace of mind :
************newest find on
How Web Servers' Cookies Threaten Your Privacy
Check your browser · How to disable cookies ·
Further protection · (Free Cookie Management
You can be tracked from your mouse clicks
The pages you read tell marketers what junk to
push on you
Imagine that your remote control informed
stations the second you switched to them, and
that they could sell this information to their
advertisers to help them decide what junk mail to
Would you want to be pushing buttons on a remote
that could tell an insurance company to phone you
while you're watching a program about financial
planning? Well, your mouse and browser are now
giving them exactly that power, except that
instead of just the channel number, they are
getting the exact URLs of the Web pages you look
We want you to know how they can identify you
individually and how you can protect your
identity from being discovered and sold. Don't
let them use your browser as a tool of
What your browser tells them
Your browser is probably revealing more than you
might want: which computer you are coming from,
what software and hardware you are using, details
of the link you clicked on, and possibly even
your email address. For specifics on your browser
click on our demonstration page.
If your ISP is running an identd demon, or if you
leave certain IRC clients running while you surf,
servers can ask for your identity at the time
your browser requests a page. Try our test to see
whether this is happening to you. Some firewalls
(rightly) block these requests, so if the browser
goes silent just interrupt the transfer request
with the stop button. If you're running an IRC
client you may find the disclosure stops when you
turn it off; see instructions below.
How they can find out who you are
All they may need is your email address because
various databases let them look up your name and
address from it.
People often type their email or postal address
into forms, when registering at a site or
Some browsers that include a mail handler
disclose the user's email address in certain
situations, such as when requesting a file by
FTP, which you can do simply by clicking on a
link that happens to begin ftp: rather than http.
You can tell your browser not to do this.
Cookies tell them it's you every time you click
Many organizations use ``cookies'' to track your
every move on their site. A cookie is a unique
identifier that a web server places on your
computer: a serial number for you personally that
can be used to retrieve your records from their
databases. It's usually a string of
random-looking letters long enough to be unique.
They are kept in a file called cookies or
cookies.txt or MagicCookie in your browser
directory/folder. They are also known as
``persistent cookies'' because they may last for
years, even if you change ISP or upgrade your
browser. The two most popular browsers support
cookies; almost all others don't.
If you look at your cookies file you may see the
names of web sites that you have never heard of.
They were probably put there by companies that
resell advertising space from a large number of
popular sites. Those ad placement companies
maintain huge databases recording details of who
looks at which pages. The larger ones have
cookies in place on millions of peoples'
browsers. If you use one of the popular search
engines, the queries you type are probably being
logged and analyzed too. We wonder whether some
companies are selling your identity as part of
Any web site that knows your identity and has
cookie for you could set up procedures to
exchange their data with the companies that buy
advertising space from them, synchronizing the
cookies they both have on your computer. This
possibility means that once your identity becomes
known to a single company listed in your cookies
file, any of the others might know who you are
every time you visit their sites.
The result is that a web site about gardening
that you never told your name could sell not only
your name to mail-order companies, but also the
fact that you spent a lot of time one Saturday
night last June reading about how to fertilize
roses. More disturbing scenarios along the same
lines could be imagined.
There are of course many convenient and
legitimate uses for cookies, as Netscape
explains. They also allow ``mass customization''
of the content on web sites. But it's not
generally possible to tell from looking at a
cookie alone how it will be used. Because of the
possibilities of misuse we recommend disabling
cookies unless you really need them.
How to disable cookies
The Internet Junkbuster is a good first line of
defense, stopping perhaps 99% of cookies. But you
should also tell your browser that you don't want
cookies. (Or if you use the Junkbuster to
selectively accept cookies, tell your browser to
warn you before accepting cookies.) If you're
using a major browser numbered below 4.0 it
probably only gives you the option to refuse each
cookie at the time it is pushed at you: you have
to keep saying no every time.
On Netscape 3.0, try the Options menu: go to
Network Preferences, then Protocols. Under Show
an alert before check Accepting a cookie. (Don't
forget to Save your option settings.)
On Microsoft Internet Explorer 3.0, try View,
then Options, then Advanced, check the box Warn
before accepting cookies.
On Netscape Communicator 4.0b2, go to Edit, then
Preferences, then Advanced, click on Never accept
cookies (or Warn me before accepting a cookie).
For MS-IE 4.0: View, Internet Options, Advanced,
scroll down to Security, Cookies, Disable all
cookie use; alternatively: Right click IE
shortcut, select Properties, select Advanced,
scroll down to Cookies, select options.
We know of no way to stop cookies on WebTV's
browser or Juno Web. If you do, please tell us.
Cookies are also supported in Opera and the
latest version of Lynx.
Your browser may be different: it may not support
cookies, or it may not allow you to stop them.
Even if it does, you may have to click on cancel
each time a web site wants to push a cookie on
you. (Some set several per page.)
One method that works with some browsers (such as
Netscape) is making the cookies file read-only
(right click, choose properties) or creating a
directory of that name. (On Macs, remove the
MagicCookie file and create an empty folder of
the same name.) However, any browser could cache
cookies even when it can't write them to a file.
If you remove the file your browser will probably
just quietly make a new one. Some people use a
batch file to delete the file on start-up.
We have had reports of the following undocumented
methods for stopping cookies permanently under
Windows, but haven't tried them ourselves.
For MS-IE, delete the following entry in the
Settings\Cache\Special Paths\Cookies] Next reboot
and delete the WINDOWS\COOKIES directory.
For Netscape delete the following entry in the
delete the COOKIES.TXT file.
How and why you should disable ActiveX, VBS,
We also recommend disabling Microsoft ActiveX,
due to the large number of serious security
loopholes they have opened, and because they
provide servers with another way to get Referer
and other information. (Disabling Java also stops
many pop-up ads and interstitials.) On Netscape
2.0, look under Options, then Security. On
Netscape 3.0, look under Options, Network, then
Languages. On Netscape Communicator 4.02, select
Edit, Preferences, Advanced then deselect Enable
Our instructions for disabling ActiveX were taken
from a single version of Windows; please tell us
appropriate instructions if your version differs.
Under the Windows Start menu and select Settings
| Control Panel command; in the Control Panel
window double click on Internet Options icon; in
the Internet Properties window click on the
Security tab in the Security panel: Click on the
Internet icon; Click on the Custom Level...
button; Scroll down to the entry for Run ActiveX
controls and plug-ins and click on Disable; OK;
What other privacy-invading features should I
Be sure to the following options are not checked:
Send email address as anonymous FTP password and
Enable Autoinstall.) They are in Netscape 4.X in
the panel above. If you know the procedures for
other browsers, please tell us. To check whether
your email address is being given away, visit any
FTP site (such as this one) that displays the
login name given by your browser. It should be
UNKNOWN if your browser is configured correctly.
On Netscape 4.06 and above, we recommend
disabling the What's Related feature.
MS IE-4.0 allows servers to determine the URLs
you view at their site even if accessed from
cache or through a proxy. To disable this, try:
View, Internet Options, Advanced, clear the
check-box beside Enable page hit counting. Or get
We're told by a user of the IRC client mIRC that
the following lines will disable identd when it's
not needed by the client.
on 1:start: .identd on
on 1:disconnect: .identd on
on 1:connect: .identd off
The lines are placed in the under remotes in the
mIRC editor. If you have any experiences or
advice on this, please tell us.
Other things you can do to protect your privacy
on the Web
The Internet isn't an easy place to keep your
privacy, but a few Web sites help.
Use our free Internet Junkbuster proxy to remove
unwanted cookies and other sensitive headers (as
well as banner ads).
Surfing through the Lucent Personalized Web
Assistant (LPWA) conceals your computer's IP
address, and adds some neat privacy features. The
Anonymizer also removes cookies and adds ads and
delays, unless you pay.
Other add-on products also reduce the amount of
personal information that your surfing discloses.
Tell organizations not to sell or share the
information they collect about you. JUNKBUSTERS
DECLARE makes this easy by drafting the letters
To warn visitors to your home page about the
risks explained here, you are welcome to add a
sentence like ``You can be tracked from your
mouse clicks'' with a link to our demonstration
Our services follow the principle that
information about people should be made visible
to those people and be approved by them. And we
don't push cookies.
Home · Next · Site Map · Legal · Privacy ·
Cookies · Banner Ads · Telemarketing · Mail ·
Copyright © 1996-9 Junkbusters ® Corporation.
Copying and distribution permitted under the GNU
General Public License. 1999/08/19
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com
[: hacktivism :]
[: for unsubscribe instructions or list info consult the list FAQ :]
[: http://hacktivism.tao.ca/ :]