Computer Security Weekly, January 31, 2000
Special "Turn Off Your Cookies" Issue
Those who prize privacy have been worrying about Web cookies for years. Those who use cookies have been saying that they are harmless, and only contain minimal data that couldn't possibly be used to find out things about individuals. Privacy advocates have been responding that aggregated data could be used to build profiles, or could be linked to other databases.
Turns out the privacy advocates were right. DoubleClick, the largest distributor of banner ads, bought Abacus Direct recently, and got access to a database of 90 million names. Now DoubleClick has admitted that it already has been combining the profiles.
To turn off cookies:
- In Netscape Navigator, 4.0 and later:
Edit|Preferences|Advanced|"Disable Cookies" - In IE, 4.0 and later:
View|Internet Options|Advanced|Security|Cookies|"Disable all cookie use"
Users of other browsers will need to consult their documentation. Also, note that there is apparently
no existing way to disable cookies in WebTV.
DoubleClick Admits to Profiling of Surfers
Web Ad Blocking
Opting Out
Privacy Forum
Using regular expression searches with VBScript on
Internet
Information Server (IIS) running under
Windows NT, an NTBUGTRAQ reader got a variety of crashes. Seems rather a simple thing to have caused such trouble.
The
US National Archives had a
crash on its mail system. The backup system failed as well, and they lost an estimated 43,000 messages. The report, unfortunately, seems quite incoherent. Perhaps they sent it by email.
The
Rhode Island arrest warrant system has bad data in it. In fact, it had bad data in it before it was upgraded, but they still used it for a while,
arresting at least eight innocent people.
A 16 year old cracker grabbed what appears to have been the password file for 200,000 users of Pacific Bell's Internet service. By the time authorities caught him, after he bragged about his exploits in an online forum, he'd decrypted 63,000 of the accounts. (
This sounds like a brute force decryption attack, effective only against poorly chosen passwords.)
http://www.latimes.com/business/20000112...
Another
Y2K bug: computers at register offices in the UK are
refusing to accept 2000 and are printing 1900 on birth certificates.
A popular, but rather aging, freeware satellite predictor,
SatTrack 3.1, has gone complete gaga. In fairness, the newer, but not free, version is working fine.
WinOrbit 3.5 for Windows seems to be working OK, except that if you want to print a range of passes, be careful. The default "NOW" button fills in as "00," which the programs
The copyright of the article
Computer Security Weekly, January 31, 2000 in
Computer Security is owned by Robert Slade. Permission to republish
Computer Security Weekly, January 31, 2000 in print or online must be granted by the author in writing.
Go To Page:
1
2
Articles in this Topic
Discussions in this Topic
Latest Articles