[ncd,1656] Cookies

[schweiz@example.com (Jim Schweizer)]

Hi all,

This showed up in my mail yesterday and thought you might want to see it. I
checked my cookie and found nothing from them - read on.... 

>I found this post in a www-security mailing list. I thought this
>list would benefit from it too. Comments?
>
>
>-Bill
>
>Forwarded message:
>| Date:         Wed, 26 Jun 1996 19:42:00 -0700
>| From: Scott Wyant <scott_wyant@example.com>
>| Subject:      COMMENT: Cookie dough
>| To: Multiple recipients of list ADV-HTML <ADV-HTML@example.com>
>| 
>| (I originally posted this to a library science listserve, and was asked to
>| post it here.  I hope it is of some interest to ADV-HTML readers)
>| 
>| This list has seen discussion about the little "cookie" that a Netscape
>| server hands to your browser.  Have you wondered how someone might use it to
>| make some money?
>| 
>| Here's how.
>| (This will take a while, but I think it's worth it.)
>| 
>| Using Find File, look for a file called cookie.txt (or MagicCookie if you
>| have a Mac machine).  Using a text editor, open the file and take a look.
>|  If you've been doing any browsing, the odds are about 80/20 that you'll find
>| a cookie in there from someone called "doubleclick.net."
>| 
>| If you're like me, you never went to a site called "doubleclick."  So how did
>| they give you a cookie?  After all, the idea of the cookie, according to the
>| specs published by Netscape, is to make a more efficient connection between
>| the server the delivers the cookie and the client machine which receives it.
>| But we have never connected to "doubleclick."
>| 
>| Close MagicCookie, connect to the Internet, and jump to <www.doubleclick.net>
>|  Read all about how they are going to make money giving us cookies we don't
>| know about, collecting data on all World Wide Web users, and delivering
>| targeted REAL TIME marketing based on our cookies and our profiles.
>| 
>| Pay special attention to the information at:
>| <www.doubleclick.net/advertising/howads.htm>
>| 
>| You'll see that the folks at "doubleclick" make the point that this entire
>| transaction (between their server and your machine) is "transparent to the
>| user."  In plain English, that means you'll never know what hit you.
>| 
>| So what's happening is, subscribers to the doubleclick service put a "cookie
>| request" on their home page FOR THE DOUBLECLICK COOKIE.  When you hit such a
>| site, it requests the cookie and take a look to see who you are, and any
>| other information in your cookie file.  It then sends a request to
>| "doubleclick" with your ID, requesting all available marketing information
>| about you.  (They're very coy about where this information comes from, but it
>| seems clear that at least some of it comes from your record of hitting
>| "doubleclick" enabled sites.)  You then receive specially targetted marketing
>| banners from the site.  In other words, if Helmut Newton and I log on to
>| the same site at the exact same time, I'll see ads for wetsuits and
>| basketballs, and Helmut will see ads for cameras.
>| 
>| If you log in to a "doubleclick" enabled site, and it sends a request for
>| your "doubleclick" cookie, and you don't have one, why each and every one of
>| those sites will hand you a "doubleclick" cookie.
>| 
>| Neat, huh?  And you can bet they're going to be rolling in the cookie dough.
>| Me, I edit my cookie file each and every time I go to a new site.  (Despite
>| the dire warning at the top of the file, you can edit it with no adverse
>| consequences.)
>| 
>| Oh, and one other thing.  If you edit your cookie file BEFORE you connect to
>| "doubleclick," and then jump around at the site, you'll notice that they
>| DON'T hand you a cookie.  I probed the site pretty carefully, checking the
>| MagiCookie file, and nothing happened.
>| 
>| Until I closed Netscape.  The LAST thing the 'doubleclick" site did was....
>| You guesed it.  They handed me a cookie.  So much for making the
>| client-server negotiation more efficient.  (In fairness, that cookie may
>| have been in memory until I closed Netscape -- I can't tell for sure.)
>| Scott Wyant
>| Spinoza Ltd.
>
>Note that recent versions of Netscape have an option to "show an alert
>before accepting a cookie" which can be turned on in the Network
>Preferences/Protocols menu.
>
>
>
>
>
>
>
>
----------------------------------------------------------
Jim Schweizer                JPS Solutions
Consultant                Education Services
Kunitomi 988-18        Tel/Fax:81-(0)86-272-0019
Okayama, Japan 703   E-mail:schweiz@example.com
Family Page - http://www.harenet.or.jp/personal/schweiz/
----------------------------------------------------------