1996-08-06 - Re: Stealth cookies

Header Data

From: jfricker@vertexgroup.com (John F. Fricker)
To: cypherpunks@toad.com
Message Hash: 8bbe72b68524a69b0383b1a25615ae8f19ef6d4eb44f647b0e144702cc74810c
Message ID: <2.2.32.19960806003319.00a5a274@vertexgroup.com>
Reply To: N/A
UTC Datetime: 1996-08-06 05:05:16 UTC
Raw Date: Tue, 6 Aug 1996 13:05:16 +0800

Raw message

From: jfricker@vertexgroup.com (John F. Fricker)
Date: Tue, 6 Aug 1996 13:05:16 +0800
To: cypherpunks@toad.com
Subject: Re: Stealth cookies
Message-ID: <2.2.32.19960806003319.00a5a274@vertexgroup.com>
MIME-Version: 1.0
Content-Type: text/plain


Doubleclick was the company.

They place banner ads on other pages that deliver a cookie header to your
browser. Their trick is a script that delivers a cookie along with the graphic.
Here's a sample from one of their own ads:

Set-Cookie: IAF=x; path=/; expires=Wed, 09-Nov-99 23:59:00 GMT


And right from the horses mouth:
"DoubleClick has created the largest and most complete user and
organization database on the Internet. DoubleClick is able to tell an
incredible amount of information about a user, such as operating system,
location, organization name, type, revenue, and size (click here for a
more detailed description of target selection criteria). Along with
sophisticated scheduling and our incredible DART software,
DoubleClick is able to automatically and dynamically assign the best ad
banner for a user."

and

"DoubleClick development ad banners are designed to capture more
data about an individual or to attract potential advertisers, both of which
ultimately benefit all DoubleClick Network member Web sites."

Pomp and Puffery. But it makes the marketeers drool.

As a user downloads more doubleclick banners, the cookie allows doubleclick
to  accumulate more crumbs in the form of url of the referring page. Just as
traditional marketing demographics were founded on what magazines one
subscribes, web advertising hopes to build demographics on what pages you view. 

Solution?

1) Don't put your name in the netscape configuration (d'oh)
2) make your cookie.txt file read only
3) use www.anonymizer.com when surfing

Turning of "auto-load images" will not prevent the doubleclick cookie from
being transmitted or recieved.

aside note:
there is a current cp archive at http://infinity.nus.sg/cypherpunks/ but it
could use a local search tool.

--j

At 03:33 PM 8/5/96 -0500, you wrote:
>There's been a thread here about some outfit that, by being referenced
>from web documents here and there, would insert its cookie in your
>browser even though you've never directly visited that site.  I've
>nuked any & all messages about that; if anybody recalls any details,
>I'd be thankful for the information.
>
>______c_____________________________________________________________________
>Mike M Nally * Tiv^H^H^H IBM * Austin TX    * For the time being,
>       m5@tivoli.com * m101@io.com          *    
>      <URL:http://www.io.com/~m101>         *    three heads and eight
>arms.
>






Thread