Cookies on Wilders?

Discussion in 'General Topics' started by puff-m-d, Aug 21, 2002.

Thread Status:
Not open for further replies.
  1. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,401
    Location:
    North Carolina, USA
    Hello all,

    I have never had any cookies from this forum except for two that are used for logging in.

    I just found, when going to a particular thread ( http://www.wilderssecurity.com/showthread.php?t=3160 ), two cookies try to load on my system. They are from the following two web sites: 1.) www.news24.com , and www.new24.co.za

    Does anyone know what is up with this?

    I just thought this is very strange....... :eek:

    Regards,
    Kent

    Edited to erase my IP address which was showing up in one of the cookies shown in the attachment......
     

    Attached Files:

  2. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,401
    Location:
    North Carolina, USA
    Hello all,

    I think I have found the culprit of the unknown cookies.....

    Whenever I go to a thread where Technodrome has posted, I get the cookies attempting to get on my machine. It seems his avatar (VW) is coming from a site that has cookies attached to the image. Interesting as I have never ran into this before. Also interesting since one cookie was trying to grab my IP address to relay back to them.

    I wonder if Technodrome knows his new avatar is cookie infected :D ?

    Regards,
    Kent
     
  3. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,401
    Location:
    North Carolina, USA
    Hello all,

    If anyone is following this, try this link ( http://www.wilderssecurity.com/showthread.php?t=3158 ). Technodrome also has posted there and the cookies are there also.

    Regards,
    Kent
     
  4. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    i use to get something from Blaze's Basement...LOL...
    couldn't figure out how Blaze got me there either. :)
     
  5. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Gents,

    This can happen when using a "third party" avatar instead of a standard one coming with the board. The only work around is blocking these cookies.

    regards.


    paul
     
  6. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,401
    Location:
    North Carolina, USA
    Thanks Paul,

    I had already blocked the cookies, just had never had any cookies appear on this forum and it took a moment to figure out what was up. Once I figured they came from the image, no problem, cookies blocked. It was that at first, I had no idea what was going on and posted before I researched into it sufficiently. Never at anytime thought that the board itself was supplying the cookies....Guess my topic was a bit misleading as it sounds like I am accusing wilders of the cookies. If it came acress this way, I apologize. No offense was intended as the integrity of this board was never in question by me :D .

    Regards,
    Kent
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    No problem, Kent ;)

    regards.

    paul
     
  8. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    I know! :D
    Sorry for that!

    Didn't like it either so I removed it. No more sweet cookies from me! :D


    Technodrome
     
  9. FanJ

    FanJ Guest

    Thanks TD ;)

    In general, not aimed at anyone in particular, not wanting to hurt anyone, and just as my personal opinion:

    I will try to block most of the third party connections that I did not ask for. IMHO people should be aware that this is a computer/internet security related forum. I simply don't understand why people post here things that force you to make third part connections without leaving it up to you to decide whether to go there or not.
    There are a few avatars here that make connections to other sites which I don't want to block (that means: I don't want to block those sites).
    Of course I don't have any problems with posting links, but then you can decide yourself whether you want to go there or not.
    I also have no problem with a personal avatar or pic, as long as it will not force a connection to another site without giving me the opportunity to decide myself whether to go there or not.
    I want to make sure that this is just my personal opinion and that I was not writing this as a mod.
     
  10. I understand where you are coming from..there are many forums and BB's that do not have storage space to up load and link to other IP's are required to fully display a page.

    You trust Wilders..but there are risks and it all depends on the type of software used to put up these Board..how well they keep up with patches to know vulnerabilities and then of course the security level of the site where these images and other links come from..and how you then are caught up in "sharing" unwillingly anything else that comes with it.


    I think you have something specific in mind ;-). I can't see where discussing it is going to hurt anyones feelings..on the contrary it ...


    It may help is dispell some Myths and in other cases help us all to be careful what we do brings to this forum..


    Last thing I would want to do is crash or exploit your system...and I do not serve cookies with milk. :D :D :D

    Tracking cookies are stale and moldy.
     
  11. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    While we are talkin about avatars and thrird parties, i'll add that since all avatars (except mine and the builti n ones) are from third party web hosts, there is a security issue regardless of cookies.

    Every time you view a thread, the third party server is contacted and that contact is logged by that server. I did some tests a few months ago and I could basically tell who has read what post etc. So, cookies are not creating the issue, the issue was already there.
     
  12. Mike_Healan

    Mike_Healan Registered Member

    Joined:
    Mar 6, 2002
    Posts:
    302
    Location:
    USA
    Some people don't realize it's happening. The host they have their image on has some sort of code that allows it to do that when the image is displayed elsewhere. Can't really understand that logic.
    I don't know if anyone else has noticed it, but IE6 will sometimes show that it has blocked 3rd party cookies when it hasn't. There are 3rd party images, but it does this from my servers too (both of them) and I know my sites don't do that. I've noticed this on Win ME, 98se, and XP Pro.
     
  13. I noticed it when I joined this forum back when it changed over to YaBB. It was also one of the reaons I left back then.
    I am back and know how I control the problem for me at least ..and I feel safe. :D :D
     
  14. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    :) Hi Guys! So, if third party cookies can be bad, it would be better to use cookies from this site? Not from elsewhere. Go look at my posting in the FAQ on How to Post Your Own Pictures. Post your picture in the Testing Forum and then use it's URL to post your cookie/pics! I used ScreenHunter and Irfan Viewer. Great results, nice and clean! ;)
     
  15. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,401
    Location:
    North Carolina, USA
    Thanks to everyone for the responses!!

    Just a little sidenote....I use Opera 6.05 build 1140 with CookiePal 1.7c. This setup catches all cookies before they are on my system and allows me the choice of always accepting them, forcing them to be a session cookie, blocking them once, or putting them on my always block list. As there are several cookies that I need (ie. wilders forum), I love this combination and it works well for me.

    Also thanks for the comments on this problem being there with or without cookies (as in third party avatars). That is one reason I love this board....I learn something new here everyday!!

    Regards,
    Kent
     
  16. ht

    ht Registered Member

    Joined:
    Mar 19, 2002
    Posts:
    5
    Location:
    Black Forest
    same here. I just came visiting after several weeks "away" and was rather taken aback when Opera alerted me to the attempt to set a cookie by some obscure site... that happens here now, too ?!? Hell, who needs avatars and all that other fluff and crap, certainly no reason to compromise security -- it may be cute, but its a waste of time and I'd rather have plain ASCII anyday... (isn't there an option to turn all that time/space/patience wasting blubber off? there should be...!) there is so much obfuscating crap in these new-fangled BBSes today, when one really doesn't need anything but EMACS ... <snicker> that would weed'em out, separate the men from the girlie-boys ! <smile>

    oh well...

    ...and if the attacks are repeated, how about a couple of mirror sites... ?
     
  17. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    All right, what the heck are Avatars? I know about cookies and web bugs, are these Avatars yet another thing I have to worry about? Thanks and take care.
     
  18. FanJ

    FanJ Guest

    Hi Acadia,

    An Avatar is that small picture that you can see at the left site beneath someone's name. Some members use them, some don't. Look for example at a posting by Paul (forum admin), and you will see someone behind a chessboard; that picture is an Avatar:

    http://www.wilderssecurity.f2s.com/paulschakenklein2.jpg

    Hey Paul, I used your avatar ;)
     
  19. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Ladies & Gents,

    We are looking into a possible way to upload avatars, instead of using the "third party" way the way the board software allows right now. Could be, we cannot imply such a feature.

    If so, we have two choices left:

    a) no changes at all
    b) disallowing avatars coming from elsewhere.

    As ever, we do appreciate and value the input from our registered users. For that reason, a new poll will be started over on the "polls forum" in regard to this issue. Your vote is highly appreciated! We will evaluate this issue taking the poll results seriously into account.

    regards.

    paul
     
  20. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    If you talk about web bugs the story is even stranger:
    from person A on the one page and in the profile is the bug, in the original on the "third party site" is nothing, on other pages here is nothing too or from person B is, not from A or opposite.
    If it would be because of being on 3rd pary systems, i can ask me why Jack, Root, Checkout and several others are "clean".
    Same with the Messengers icons: from the one person they always track, from the other person on the one page do on another not at all. (ICQ and Yahoo Messenger most of all) and i dont like ICQtrace my line availability as i even disabled my own ICQ agent and don't like to be traced by another person's agent. But then: why it does on the one page and not on the other, same person, same ICQ #, in both cases not online here or no difference if they are.

    And even more strange as i blocked such things in the firewall. Think it's time to read Jan's HOSTS instructions better and make that a serious item when i have time to concentrate to set it up properly.
     
  21. alaskamiles

    alaskamiles Registered Member

    Joined:
    Jun 6, 2004
    Posts:
    1
    Hello all

    Is anybody eles getting pop up ad on yahoo mesanger with the "stop pop up ad"? / spyware blocker...
    the address is: "vn.msie.tv/popup2.php?pin=18"
    it changes the # from 2 to 3 to 5 to 6 to 14 nd sometimes still get through my blocker :(

    but the pop up swatter does not always catch it.. when I looked for it on yahoo seache it was all written in germano_O
    Does any one have any idea how to get rid of this nasty ad?

    Miles
     
  22. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hello Alaskamiles and welcome to the forum!
    Does it come from the new yahoobar, advertising they would block all that but in reality advertise with the kind of stuff they say against which they protect you?
    I never installed anything yahoo as they partnered with gator/GAIN and the whole advertisement/tracking companies lot (their newsgrouops are poisoned with all those call home code advertisements in every posting too, emails, websites, everything!)
    Googlebar will help better blocking popups; your browser and firewall configuration can help with blocking or immediately expire cookies if you need to accept some.
    Think a visit in JavaCool's forums overhere with the whole lot on protection will help you a lot.
    Does the yahoo popup advertisement service come with popups or using the windows messenger service? In the last case you can disable that one in the control panel as you probably have no use for it at all.

    And the yahoo search advertisement service . hmm do you think you have any use for it?
    As long as google is not partnering with yahoo or any of the other companies (they did with something, forgot with which, sorry, hope others can tell that better) that searchbar might be a preferred choice.
     
  23. Cochise

    Cochise A missed friend

    Joined:
    Jan 26, 2003
    Posts:
    2,549
    Location:
    North Thoresby Lincs Good Olde England
    My Avatar came from elsewhere other than Wilders, it was kindly uploaded for me by some of the good people here......I have no idea as to whether it came with 'Baggage' or not.....either way, if there is the least likelyhood that it may have 'Extras' with it, I have absolutely no problem with dumping it, so if it does pose a problem to anyone here.....Please feel free to remove it.. :D :D

    Best Regards, Cochise, :cool:
     
  24. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Cochise,

    This issue will never occur whit avatars uploaded to this server ;)

    regards.

    paul
     
  25. Cochise

    Cochise A missed friend

    Joined:
    Jan 26, 2003
    Posts:
    2,549
    Location:
    North Thoresby Lincs Good Olde England
    Thanks Paul for that....I'm glad...... :)

    Regards, Cochise, :cool:
     
Loading...
Thread Status:
Not open for further replies.