Cookies

Discussion in 'other security issues & news' started by Rmus, Jul 24, 2005.

Thread Status:
Not open for further replies.
  1. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I've noticed from time to time people mentioning that their anti_______ program has found malicious cookies.

    I'm curious as to why anyone would permit non-trusted cookies to hang around.

    thanks,

    -rich
    ________________
    ~~Be ALERT!!! ~~
     
  2. My wife is malicious and non-trustworthy but she is allowed to hang around.
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My belgian TV website creates tracking cookies on my computer, but that doesn't bother me.
    Cookies are harmless as a file, only the contents can be "dangerous".

    I use CCleaner to keep my folder cookies clean.
    You can learn CCleaner which cookies you like to keep and the rest will be deleted during the next reboot or on demand.

    I heard in the past so many complicated solutions for cookies and even special
    softwares to handle cookies, but nobody told me about CCleaner, which offers
    in fact the most simple solution for cookies and it works like "set it and forget it".

    I run CCleaner always first, when I start scanning my computer for malware because I don't like it when one of these scanners report cookies.
    Scanners, restricted zones, hosts files, ... shouldn't waste their time on cookies, because CCleaner does that job already, but lots of security softwares seem to do the SAME job.

    I thought that efficiency was one of the basic rules in the computer world. Any analyst or programmer will tell you that.
    Efficiency just doesn't exist in the security world. So there is still alot of work to do.
     
  4. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Rich,

    I have FireFox cookies set to "ask me every time" (I am constantly amazed at how many cookies a given site will try to put on my computer). Certain site require a persistent cookie in order to operate (at least for a single session). I only allow cookies from reputable sites. While I could go into my "cookie jar" and clean it out constantly, sometimes I want to leave some cookies on my system in order to make it easier to get into and out of sites (Wilders would be an example).

    However, every once in a while, Ewido will find that even a "trusted sites" is employing a tracking cookie (naughty, naughty). So I allow Ewido to clean it up. It's like cleaning my house. It is not possible to get all of the dust out - no matter How I may try. ;)

    Rich
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    You can also let your browser do the work. Here, it deletes all new cookies on exit unless I choose to keep them (just a few clicks operation). I think all the newer versions of browsers have a "manage cookies" tool.

    Same here. The only ones kept are those from my trusted and/or secure sites (Wilders, Amazon, banking, etc.)

    So, with various methods available, it doesn't seem that an anti____ program should ever have to find a malicious cookie on the system. That was my original thought.

    -rich
    ________________
    ~~Be ALERT!!! ~~
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I fully agree.
    Don't have anti___scanners better things to do than removing tracking cookies ?
    These scanners are supposed to detect/remove malicious malware.
    According my readings, some of these scanners detect, but don't remove certain malwares.
    That's a problem, that needs to be solved in stead of collecting cookies like stamps.

    If a website produces only tracking cookies and nothing else, it shouldn't be blacklisted in restricted zones or hosts files either.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    I always delete all my cookies (except for a few) after or during a browsing session with Cookie Monster. And I only allow "first party cookies", I´ve disabled "third party cookies". ;)
     
Loading...
Thread Status:
Not open for further replies.