Mozilla Firefox Deny Cookies vs. SpywareBlaster FF Protection

Discussion in 'SpywareBlaster & Other Forum' started by squash, Aug 22, 2004.

Thread Status:
Not open for further replies.
  1. squash

    squash Guest

    How does the Firefox protection in SpywareBlaster have any advantage with Mozilla Firefox set to deny third party cookies ?...
     
  2. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Hi Squash :),

    Here, have a look through this search page, it links to some earlier threads that may have previously addressed
    your question ;).

    GF
     
  3. squash

    squash Guest

    Link does not work
     
  4. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
  5. squash

    squash Guest

    Links still don't work... aw well, forget about it... (the question i asked in this post)
     
  6. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
  7. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    squash,

    AFAIK, the idea is that if you are somehow redirected or lured to the "evil" sites, then it would no longer be a third party cookie. But because SWB added the "evil" sites to the cookie exception list (blocking them anyway), it protects you from the spyware cookies.
     
    Last edited: Aug 27, 2004
  8. squash

    squash Guest

    Whats the difference between the only accept cookies from orginating site and the blacklist that spyware blaster has... what does spywareblaster protection for firefox does that, the option does not do ?
     
  9. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Let me put it another way.

    Using FF only accept cookies from orginating site.
    You visit a site. You are redirected (via javascript or one of several other methods) to a malicious website. Or you click a link that leads you to the malicious website. Either way you end up at the malicious website. The malicious website is now able to place the spyware cookie because it is from the originating site.

    Now with the SWB "blacklist" cookie exception list.
    Even if you have FF accept cookies normally (I would still only accept cookies from orginating site even with SWB). You arrive (via whatever method) at a malicious website. The malicious website is NOT able to place the spyware cookie because the malicious website is blocked in the cookie exclusion list.

    Sure, you could add all those sites manually to FF and do the same thing. But SWB has a convenient update and it doesn't take any memory resources.
     
  10. squash

    squash Guest

    But the third party cookies are loaded from the ad server and not the server that a person is visiting...
     
  11. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Thanks for the walk in Devinco, and the explanations. :D

    GF
     
  12. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Normally, you visit a regular website with advertisers that try to drop a third party cookie. If that is the case, then the Firefox only accept cookies from orginating site (shown in Tools/Options/Privacy/Cookies/for the originating website only) would be sufficient.

    You asked:
    The answer to that is in post #9. Companies that drop spyware cookies have already shown a lack of moral fortitude. What is to stop them from taking another step down on the moral ladder if all it takes to get their spyware cookie in place is a little malicious redirection? SpywareBlaster, that's who! :)

    Of course, you could set FF to ask for each cookie. But every site will ask, so I set it to accept for current session only.

    Hope this helps.

    P.S. Thanks GF :)
     
  13. squash

    squash Guest

    Then SpywareBlaster wouldn't really need a must-need because if i set firefox to accept only from originating site and clear cookies regularly and before i go to sites that require me to input personal info like passwords etc... i would be fine...
     
  14. Lurkerellla

    Lurkerellla Guest

    So you have never gotten kookies, except when you put in a name and password? You must have bad luck, I never do that and get kookies every where I go, and where I don't plan to go! Are you sure about this?
     
  15. squash

    squash Guest

    ah... you don't know what i mean...
    what i meant was...

    1. set firefox to only accept cookies from originating websites
    and then i regularly clear my all cookies... whether they are good or bad... from firefox before i go any website which requires me to enter personal information

    whats so hard to understand about that... ?! :p
     
  16. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    squash,

    I think you will be fine with SWB or without. It's just a matter of preference. On the overall scope of things, cookies are more related to privacy than security. I do not know however, the full potential of spyware cookies.
    I have recently read about some javascript exploits to grab cookies to steal passwords.
    Unless they do a redirect as I mentioned, it would be fine. Even if they did, as you said you regularly empty your cookies, the spyware cookie wouldn't be there too long.
    For me, I will use SWB because it uses no resources, is easy to update, is set and forget, and it works.
    Besides, I think one should always accept and eat good cookies. They're delicious! *puppy*
     
    Last edited: Aug 29, 2004
  17. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Posted by Devinco :
    I'm with you! :D

    GF
     
  18. Jennipoo

    Jennipoo Guest

    How do I accept cookies with Moxilla after I have denied it for a site. I tried putting the site on exceptions and it still won't work....can anyone helpo_O
     
  19. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi Jennipoo,

    If you are using the Mozilla web browser (which is different than the Mozilla Firefox browser), then I can't help.

    But if you use FF (Firefox), Go to Tools/Options/Privacy/Cookies/Exceptions...
    Locate your website in the list. If it shows block, then click on remove site. Click OK, OK. Visit the site again and it should place the cookie.

    Unless you are using some other cookie blocker, or a firewall that blocks cookies, Pest Patrol's-cookie patrol, etc. If one of those are also blocking the cookie, then you will need to put the website in the "white list" of the respective cookie blocking program.
     
  20. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    One difference between browsers and third party privacy applications is their ability to cope with encrypted (https) websites. Since the traffic is encrypted, this means that active content (cookies, Javascript, ActiveX, etc) will only be visible when decrypted by the browser, preventing many third party utilities from filtering them (see The Dangers of HTTPS for more details).

    Whether SpywareBlaster will function with encrypted websites or not will depend on how it works - if it alters Firefox's own settings (like it does with IE) then it should, if it tries to monitor web traffic separately then it will not.
     
  21. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thanks Paranoid2000,

    That is a really useful thread and an important security concern.

    From what I know of SpywareBlaster, it modifies the Firefox settings directly by adding websites to the Firefox cookie exception list (blocking them). In that case, it should work with HTTPS.
     
  22. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Thanks for the info Devinco.

    In that case, SpywareBlaster should be as effective as Firefox's own settings, so it then becomes a question of what SB's presets and user interface offers.
     
Loading...
Thread Status:
Not open for further replies.