Hello all,

I have never had any cookies from this forum except for two that are used for logging in.

I just found, when going to a particular thread ( http://www.wilderssecurity.com/showthread.php?t=3160 ), two cookies try to load on my system. They are from the following two web sites: 1.) www.news24.com , and www.new24.co.za

Does anyone know what is up with this?

I just thought this is very strange....... :o

Regards,
Kent

Edited to erase my IP address which was showing up in one of the cookies shown in the attachment......

Hello all,

I think I have found the culprit of the unknown cookies.....

Whenever I go to a thread where Technodrome has posted, I get the cookies attempting to get on my machine. It seems his avatar (VW) is coming from a site that has cookies attached to the image. Interesting as I have never ran into this before. Also interesting since one cookie was trying to grab my IP address to relay back to them.

I wonder if Technodrome knows his new avatar is cookie infected ;D ?

Regards,
Kent

Hello all,

If anyone is following this, try this link ( http://www.wilderssecurity.com/showthread.php?t=3158 ). Technodrome also has posted there and the cookies are there also.

Regards,
Kent

i use to get something from Blaze's Basement...LOL...
couldn't figure out how Blaze got me there either. :)

Gents,

This can happen when using a "third party" avatar instead of a standard one coming with the board. The only work around is blocking these cookies.

regards.


paul

Thanks Paul,

I had already blocked the cookies, just had never had any cookies appear on this forum and it took a moment to figure out what was up. Once I figured they came from the image, no problem, cookies blocked. It was that at first, I had no idea what was going on and posted before I researched into it sufficiently. Never at anytime thought that the board itself was supplying the cookies....Guess my topic was a bit misleading as it sounds like I am accusing wilders of the cookies. If it came acress this way, I apologize. No offense was intended as the integrity of this board was never in question by me ;D .

Regards,
Kent

No problem, Kent ;)

regards.

paul

{QUOTE-> quoting: puff-m-d link=board=11;threadid=3162;start=0#21317 date=1029912420]

I wonder if Technodrome knows his new avatar is cookie infected ;D ?
<-QUOTE}

I know! ;D
Sorry for that!

Didn't like it either so I removed it. No more sweet cookies from me! ;D


Technodrome

Thanks TD ;)

In general, not aimed at anyone in particular, not wanting to hurt anyone, and just as my personal opinion:

I will try to block most of the third party connections that I did not ask for. IMHO people should be aware that this is a computer/internet security related forum. I simply don't understand why people post here things that force you to make third part connections without leaving it up to you to decide whether to go there or not.
There are a few avatars here that make connections to other sites which I don't want to block (that means: I don't want to block those sites).
Of course I don't have any problems with posting links, but then you can decide yourself whether you want to go there or not.
I also have no problem with a personal avatar or pic, as long as it will not force a connection to another site without giving me the opportunity to decide myself whether to go there or not.
I want to make sure that this is just my personal opinion and that I was not writing this as a mod.

I understand where you are coming from..there are many forums and BB's that do not have storage space to up load and link to other IP's are required to fully display a page.

You trust Wilders..but there are risks and it all depends on the type of software used to put up these Board..how well they keep up with patches to know vulnerabilities and then of course the security level of the site where these images and other links come from..and how you then are caught up in "sharing" unwillingly anything else that comes with it.


I think you have something specific in mind ;-). I can't see where discussing it is going to hurt anyones feelings..on the contrary it ...


It may help is dispell some Myths and in other cases help us all to be careful what we do brings to this forum..


Last thing I would want to do is crash or exploit your system...and I do not serve cookies with milk. ;D ;D ;D

Tracking cookies are stale and moldy.

While we are talkin about avatars and thrird parties, i'll add that since all avatars (except mine and the builti n ones) are from third party web hosts, there is a security issue regardless of cookies.

Every time you view a thread, the third party server is contacted and that contact is logged by that server. I did some tests a few months ago and I could basically tell who has read what post etc. So, cookies are not creating the issue, the issue was already there.

Some people don't realize it's happening. The host they have their image on has some sort of code that allows it to do that when the image is displayed elsewhere. Can't really understand that logic.
I don't know if anyone else has noticed it, but IE6 will sometimes show that it has blocked 3rd party cookies when it hasn't. There are 3rd party images, but it does this from my servers too (both of them) and I know my sites don't do that. I've noticed this on Win ME, 98se, and XP Pro.

I noticed it when I joined this forum back when it changed over to YaBB. It was also one of the reaons I left back then.
I am back and know how I control the problem for me at least ..and I feel safe. ;D ;D

:) Hi Guys! So, if third party cookies can be bad, it would be better to use cookies from this site? Not from elsewhere. Go look at my posting in the FAQ on How to Post Your Own Pictures. Post your picture in the Testing Forum and then use it's URL to post your cookie/pics! I used ScreenHunter and Irfan Viewer. Great results, nice and clean! ;)

Thanks to everyone for the responses!!

Just a little sidenote....I use Opera 6.05 build 1140 with CookiePal 1.7c. This setup catches all cookies before they are on my system and allows me the choice of always accepting them, forcing them to be a session cookie, blocking them once, or putting them on my always block list. As there are several cookies that I need (ie. wilders forum), I love this combination and it works well for me.

Also thanks for the comments on this problem being there with or without cookies (as in third party avatars). That is one reason I love this board....I learn something new here everyday!!

Regards,
Kent

{QUOTE-> quoting: puff-m-d link=board=11;threadid=3162;start=0#21687 date=1030203813]
Thanks to everyone for the responses!!

Just a little sidenote....I use Opera 6.05 build 1140 with CookiePal 1.7c. This setup catches all cookies before they are on my system and allows me the choice...
Also thanks for the comments on this problem being there with or without cookies (as in third party avatars). That is one reason I love this board....I learn something new here everyday!!

<-QUOTE}

same here. I just came visiting after several weeks "away" and was rather taken aback when Opera alerted me to the attempt to set a cookie by some obscure site... that happens here now, too ?!? Hell, who needs avatars and all that other fluff and crap, certainly no reason to compromise security -- it may be cute, but its a waste of time and I'd rather have plain ASCII anyday... (isn't there an option to turn all that time/space/patience wasting blubber off? there should be...!) there is so much obfuscating crap in these new-fangled BBSes today, when one really doesn't need anything but EMACS ... <snicker> that would weed'em out, separate the men from the girlie-boys ! <smile>

oh well...

...and if the attacks are repeated, how about a couple of mirror sites... ?

All right, what the heck are Avatars? I know about cookies and web bugs, are these Avatars yet another thing I have to worry about? Thanks and take care.

Hi Acadia,

An Avatar is that small picture that you can see at the left site beneath someone's name. Some members use them, some don't. Look for example at a posting by Paul (forum admin), and you will see someone behind a chessboard; that picture is an Avatar:

http://www.wilderssecurity.f2s.com/paulschakenklein2.jpg

Hey Paul, I used your avatar ;)

Ladies & Gents,

We are looking into a possible way to upload avatars, instead of using the "third party" way the way the board software allows right now. Could be, we cannot imply such a feature.

If so, we have two choices left:

a) no changes at all
b) disallowing avatars coming from elsewhere.

As ever, we do appreciate and value the input from our registered users. For that reason, a new poll will be started over on the "polls forum" in regard to this issue. Your vote is highly appreciated! We will evaluate this issue taking the poll results seriously into account.

regards.

paul

If you talk about web bugs the story is even stranger:
from person A on the one page and in the profile is the bug, in the original on the "third party site" is nothing, on other pages here is nothing too or from person B is, not from A or opposite.
If it would be because of being on 3rd pary systems, i can ask me why Jack, Root, Checkout and several others are "clean".
Same with the Messengers icons: from the one person they always track, from the other person on the one page do on another not at all. (ICQ and Yahoo Messenger most of all) and i dont like ICQtrace my line availability as i even disabled my own ICQ agent and don't like to be traced by another person's agent. But then: why it does on the one page and not on the other, same person, same ICQ #, in both cases not online here or no difference if they are.

And even more strange as i blocked such things in the firewall. Think it's time to read Jan's HOSTS instructions better and make that a serious item when i have time to concentrate to set it up properly.

Hello all

Is anybody eles getting pop up ad on yahoo mesanger with the "stop pop up ad"? / spyware blocker...
the address is: "vn.msie.tv/popup2.php?pin=18"
it changes the # from 2 to 3 to 5 to 6 to 14 nd sometimes still get through my blocker :(

but the pop up swatter does not always catch it.. when I looked for it on yahoo seache it was all written in german???
Does any one have any idea how to get rid of this nasty ad?

Miles

Hello Alaskamiles and welcome to the forum!
Does it come from the new yahoobar, advertising they would block all that but in reality advertise with the kind of stuff they say against which they protect you?
I never installed anything yahoo as they partnered with gator/GAIN and the whole advertisement/tracking companies lot (their newsgrouops are poisoned with all those call home code advertisements in every posting too, emails, websites, everything!)
Googlebar will help better blocking popups; your browser and firewall configuration can help with blocking or immediately expire cookies if you need to accept some.
Think a visit in JavaCool's forums overhere with the whole lot on protection will help you a lot.
Does the yahoo popup advertisement service come with popups or using the windows messenger service? In the last case you can disable that one in the control panel as you probably have no use for it at all.

And the yahoo search advertisement service . hmm do you think you have any use for it?
As long as google is not partnering with yahoo or any of the other companies (they did with something, forgot with which, sorry, hope others can tell that better) that searchbar might be a preferred choice.

My Avatar came from elsewhere other than Wilders, it was kindly uploaded for me by some of the good people here......I have no idea as to whether it came with 'Baggage' or not.....either way, if there is the least likelyhood that it may have 'Extras' with it, I have absolutely no problem with dumping it, so if it does pose a problem to anyone here.....Please feel free to remove it.. ;D ;D

Best Regards, Cochise, 8)

Cochise,

This issue will never occur whit avatars uploaded to this server ;)

regards.

paul

{QUOTE-> Cochise,

This issue will never occur whit avatars uploaded to this server ;)

regards.

paul <-QUOTE}

Thanks Paul for that....I'm glad...... :)

Regards, Cochise, 8)

My pleasure ;)

regards.

paul

It seems to me that if you have an avatar made by someone else (thanks Snap! <g> ) that they send to you as file- and then you upload that avatar from your computer to the site (Wilders, in this case) - that it won't cause any "cookie" issues.

At least that's been my experience.

However, some other sites won't let you upload an avatar from your computer like that, but they do have an option to let you upload it from a URL.

I've done that on several sites (using the url from my wilders avater) and then people reading my posts do get wilders cookies. (I don't see any way around that for them unless they simply disable seeing other people's avatars in their settings for that site, if such settings are available).

(See this thread (http://www.wilderssecurity.com/showthread.php?t=28228&highlight=avatar) )

But, a custom avatar uploaded from your own computer as a file seems to be the "cleanest" way to go. Pete

{QUOTE-> Hello all

Is anybody eles getting pop up ad on yahoo mesanger with the "stop pop up ad"? / spyware blocker...
the address is: "vn.msie.tv/popup2.php?pin=18"
it changes the # from 2 to 3 to 5 to 6 to 14 nd sometimes still get through my blocker :(

but the pop up swatter does not always catch it.. when I looked for it on yahoo seache it was all written in german???
Does any one have any idea how to get rid of this nasty ad?

Miles <-QUOTE}

Hi miles
please follow advice here

http://www.wilderssecurity.com/showthread.php?t=15913
and post a hjt log in the hijack forum

{QUOTE-> Every time you view a thread, the third party server is contacted and that contact is logged by that server. I did some tests a few months ago and I could basically tell who has read what post etc. So, cookies are not creating the issue, the issue was already there. <-QUOTE}This is a valid point, but cookies can make the situation worse since they allow a site to identify you as a previous visitor - and if you visited that site for any other reason (and especially if you had any login on that site), this could be added to your profile there. Referer information could be included also - so the worst case situation is that the third party site gets a partial picture of what threads you have read on Wilders and when (much like DoubleClick's user tracking).

Blocking external content is the best counter to this and filters like Proxomitron (www.proxomitron.info) and some firewalls (Outpost 2.1) offer this as an option. However this can throw an awful lot of babies out with the bathwater on some sites.

{QUOTE-> This is a valid point, but cookies can make the situation worse since they allow a site to identify you as a previous visitor - and if you visited that site for any other reason (and especially if you had any login on that site), this could be added to your profile there. Referer information could be included also - so the worst case situation is that the third party site gets a partial picture of what threads you have read on Wilders and when (much like DoubleClick's user tracking).

Blocking external content is the best counter to this and filters like Proxomitron (www.proxomitron.info) and some firewalls (Outpost 2.1) offer this as an option. However this can throw an awful lot of babies out with the bathwater on some sites. <-QUOTE}


I use Proxomitron as well as Firebird. A cookie control program as well as popup stopper is built in. It makes my Cookie Pal program almost obsolete.

They will never get this browser out of my hands. :D

Why not simply require all avatars to be uploaded from the users computer? It never occured to me that I could it do any other way! You could also start an avatar forum where users who like to resize, animate, etc. avatars could help out....ala what we have at dslr.

Of course, I run Proxo and either Firefox or Mozilla most of the time and I have them set to accept cookies on prompt from the originating web site only. On IE I accept all session cookies and first party cookies at prompt only and all third party ones are denied. So, I don't have this problem. :)

Actually, all avatars are uploaded to this forum for display. There are no more thrid-party linked avatars here. If you enter a URL as you avatar source, the software still uploads it to this forum rather than linking to that third-party webserver.

This thread was from Sept of 2002 before alaskamiles replied to it this morning. What this topic was about, ie. the third-party linked avatars causing cookie warnings, had nothing to do with their question. (Meaning avatars here have nothing to do with what they asked. Derek's instructions were on point as that person seems to have a hijack issue.) Everyone just read this thread as if it was still in that context, but that was all related to the old YaBB SE software and is no longer applicable here on vBulletin.

EEgads!! :D :-[ :P Duh!

Yep. I didn't even notice the dates. I was a bit puzzled though because I thought I vaguely recalled that the avatar sources changed with this new software...but then I saw this thread and decided my memory was faulty...never thinking to check the dates!!!