Tuesday, November 8, 2005

Choose Party Of First Part

THE LATEST REPORT ABOUT COOKIES from JupiterResearch advises that Web sites would do well to stop relying on tracking cookies placed by third parties for analytics. That is, sites should serve cookies from their own domains to keep track of data ranging from passwords to which pages users viewed. "Aggressive anti-spyware applications ... are widely deployed and extremely effective in removing third-party tracking cookies," states the report, written by Eric Peterson. "Although adopting first-party cookies is not a panacea, site operators are strongly encouraged to do so immediately."

It's not just Jupiter Research that's urging less reliance on third-party cookies. Yesterday, business and technology journalist Adam Penenberg wrote a column in online magazine Slate.com calling for marketers to eliminate tracking cookies.

First-party cookies generally remember information about users' behavior on the site that serves them. For instance, the cookies served by Amazon.com remember users' names, billing addresses and pages viewed within the site.

But third-party cookies potentially keep track of information about users as they surf a variety of Web sites. Among other uses, these types of cookies can be used to categorize users based on their Web-surfing behavior--a technique that some ad executives rely on, but that consumers seem to increasingly view with misgiving.

That misgiving is playing out as cookie deletions. Until this year, many in the online industry took for granted that consumers didn't give cookies much thought one way or the other. Certainly, few harbored the notion that consumers bothered deleting cookies. But in a Jupiter Research report from this spring, Peterson showed that users actually were erasing cookies, with around four in 10 deleting cookies monthly.

While it doesn't require much computer sophistication to delete cookies manually, consumers also use software programs to erase cookies--and those programs especially target third-party cookies, according to the report.

Still, despite the erasures, large media and e-commerce companies continue to use third-party cookies to a surprising degree. Of 12 leading Web sites examined by Jupiter Research, just two--Amazon.com and Travelocity.com--used only first-party cookies.
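The first-party/third-party distinction drawn above comes down to comparing the domain a cookie is scoped to with the site of the page being viewed. The following is an added example, not code from the report or the article; the host names are constructed, and the "last two labels" rule for finding a site is a simplifying assumption.

```python
from urllib.parse import urlsplit


def site_of(host):
    """Approximate the registrable domain as the last two DNS labels.

    Assumption for this example; real tools use the Public Suffix List so that
    hosts under suffixes such as co.uk are grouped correctly.
    """
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def cookie_domain(request_host, set_cookie):
    """Domain a Set-Cookie header applies to: its Domain attribute, else the host."""
    for attribute in set_cookie.split(";")[1:]:
        key, _, value = attribute.strip().partition("=")
        if key.lower() == "domain" and value.strip():
            return value.strip().lstrip(".").lower()
    return request_host.lower()


def classify(page_url, responses):
    """Label each (request_url, Set-Cookie) pair seen while loading page_url."""
    page_site = site_of(urlsplit(page_url).hostname)
    labelled = []
    for request_url, set_cookie in responses:
        host = urlsplit(request_url).hostname
        domain = cookie_domain(host, set_cookie)
        name = set_cookie.split(";")[0].partition("=")[0].strip()
        if host != domain and not host.endswith("." + domain):
            party = "rejected"  # browsers ignore a Domain that does not cover the sender
        elif site_of(domain) == page_site:
            party = "first-party"
        else:
            party = "third-party"
        labelled.append((name, domain, party))
    return labelled


def purge_third_party(labelled):
    """Mimic a cleaner that targets third-party cookies: keep first-party only."""
    return [entry for entry in labelled if entry[2] == "first-party"]


# Constructed sample: one page load on a fictional shop with four responses.
PAGE = "http://www.shop.example/basket"
RESPONSES = [
    ("http://www.shop.example/basket", "session=abc123; Path=/"),
    ("http://ads.tracker.test/pixel.gif", "uid=42; Domain=.tracker.test; Path=/"),
    ("http://stats.shop.example/hit", "visits=7; Domain=shop.example"),
    ("http://ads.tracker.test/sync", "other=1; Domain=shop.example"),
]

if __name__ == "__main__":
    for row in classify(PAGE, RESPONSES):
        print(row)
```

The analytics cookie set from `stats.shop.example` survives the purge because it is scoped to the site's own domain, which is the change the report recommends.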

Thursday, November 3, 2005

Cookies (the Online Kind) Can Be Good for You

NEW YORK -- Judging from the rising number of computer viruses, online phishing scams and incidents of Web-based identity theft, it is little wonder that consumers are growing increasingly frightened of becoming a victim on the Internet. This widespread fear among consumers has caused many Web users to become wary of even the most trusted Web sites they visit, as well as some of the basic technologies that for years have served to enhance the Web experience.

In fact, one of the clear victims of this wave of fear has been the much-maligned Internet cookie.

Cookies are small elements of data that Web sites store on visitors’ Web browsers in order to provide them with a more tailored user experience. Cookies recognize a user’s Internet browsing behavior and can be used to display information in response to this behavior, as well as remember Web site passwords and preferences, and personalize specific pages, content, banner ads, and promotions that appear on the site. Perhaps most importantly to an Internet user, cookies are used by advertisers to limit the number of times that a particular user sees the same ad creative, and by Web publishers to limit the number of pop-up or pop-under ads that a user receives per day.

For example, cookies can reduce the chance that a 25-year-old single male is served an ad for diapers when he goes to his favorite sports site. Web sites also use cookies to better understand Internet traffic patterns so they can enhance the user experience and provide more relevant information about their products and the content available on their site.

Cookies are not dangerous or malicious, but widespread confusion has led many consumers to view them as just that. In fact, a survey conducted in early 2005 by JupiterResearch found as many as 39% of U.S. Web surfers delete cookies from their computers at least once a month, with 17% erasing cookies once a week and 10% cleaning them out daily.

Many in the online advertising industry believe the reason so many consumers are taking precious time to eradicate cookies from their system is simply misinformation or lack of understanding. In fact, marketers at a recent Network Advertising Initiative conference in New York identified consumer education as central to proactively addressing the issue of cookie deletion.

“The popular misconceptions consumers have about cookies have led them to be unfairly associated with spyware and other malicious software,” explains David J. Moore, chairman and chief executive officer of 24/7 Real Media, a provider of global online advertising services.

“Average consumers don’t understand the purpose and benefits of cookies, nor do they understand the basic limitations of the information they can provide, so they mistakenly label cookies as something that is bad,” Moore adds. “The bottom line is that cookies play an important role in creating a positive Internet experience, and the online advertising industry must do a better job of educating consumers that cookies are good for you online.”

According to Moore, here are some of the most prevalent myths about cookies:

Myth #1: Cookies, like worms and viruses, are harmful to Web users and their computers.

Fact: Cookies are not harmful. Unlike worms and viruses, cookies cannot damage your computer or the data saved on your hard drive. They are simply tiny text files, placed on a computer by a Web server and are only readable by the same server that placed them.

Myth #2: Cookies are another form of spyware bent on stealing sensitive personal information and invading a Web user’s privacy.

Fact: Cookies contain only basic information such as a user’s browser type and IP address, or information that the user has voluntarily supplied, such as stored passwords or preferences to customize a favorite site. Unlike spyware or computer viruses, cookies cannot be configured to do anything more than track anonymous Web user behavior.

Myth #3: Disabling or deleting cookies results in a safer, more enjoyable Web experience.

Fact: This is not true – in fact, cookies are what make the Web a more enjoyable, personalized experience. Without cookies, Internet users would have to remember all the passwords to all the different sites they visit. They would not be able to receive customized content, such as news, stock prices, sports scores or weather, and online shopping would be very cumbersome -- if not impossible. Instead, consumers would receive irrelevant information and content, such as advertising that fails to correspond with their personal interests and needs. In addition, disabling or deleting cookies does not make Web users safer from viruses or other similar online threats.

Myth #4: Cookies only serve the interests of online advertisers.

Fact: Cookies are beneficial to all Internet users -- advertisers, online content providers and consumers -- but in different ways. Like TV and radio, much of the Internet is supported by advertising. To keep content on the Web free for consumers, online publishers need to generate advertising revenue, and advertisers need to reach the right audience. Cookies help to do this more effectively while making sure that consumers are not getting bombarded with irrelevant or duplicative ads, content or promotions that can diminish the quality and value of the Web surfing experience.

“Consumers need to understand that retaining cookies will provide them the optimum online experience and foster the continued improvement and positive evolution on the Web,” Moore says. “As online publishers’ revenues increase, so will the quality and quantity of the site content they make available to consumers. The increased retention of cookies will also help ensure that the sites people visit remain free of subscription charges – something most consumers will agree is good for everyone on the Web.”

Source: ARA Content

Wednesday, November 2, 2005

Privacy for Sale

When you surf the Internet, you leave footprints everywhere you go. Google conceivably knows every term you've searched for and every e-mail you've sent and received. Cookies greet you when you return to a site and track your movements when you stay within its pages or visit affiliated sites. Your ISP knows who you are and where you live or work whenever you get online.

This tracking continues far from your computer. The hundreds of publicly and privately owned surveillance cameras within a 10-block radius of my office capture my image when I buy a falafel or read a book in Washington Square Park. If you talk on a cell phone or send text messages from your PDA, your provider knows where you are. The same goes for when you pay for socks with a credit card or get cash from an ATM.

As the battle to provide ads better-targeted to online consumers intensifies, our information becomes more valuable to online marketers and publishers. Web surfers also fear that identity thieves are on the prowl for their personal data. The government is a potential bogeyman, too: As fears over terrorism intensify, the feds may find your personal data irresistible. In 2003, Congress scuttled the Total Information Awareness program, which would have enabled the Pentagon to mine millions of public and private records to search for indications of terrorist activity. But that doesn't mean the effort to combine databases has stalled—it's just been redirected.

So, how can we protect ourselves? We're going to have to pay for it. In the same way we fork over a few extra bucks a month for caller ID block and an unlisted phone number, we'll pay for anonymity in other areas. Privacy has become a commodity. The more our personal information gets out there, and the more valuable it becomes, the more incentive there will be for companies to shield it on our behalf.

There's a good chance you already have a personal firewall or a spyware remover installed on your machine. But there are loads of other products that can do everything from masking your IP address—kind of like driving in a car with a fake license plate—to scrambling your data so that anyone trying to intercept it will encounter gibberish, to services that claim to expunge your personal information from a whole range of databases and search engines. Some do what they say they can do. Others don't.

For $29.99, Acronis Privacy Expert Suite will wipe your hard drive of all traces of Web surfing. Anonymizer.com offers an array of products that do everything from masking your identity by routing your Web traffic through secure servers to encrypting your wireless connection. GhostSurf, a competing product, provides "an anonymous, encrypted Internet connection" that erases any trace of your surfing "to Department of Defense standards." Encryption schemes like PGP will let you send e-mail securely so that even if hackers intercept it upstream, they won't be able to read it. A program called SafeHouse will fully encrypt your hard drive to ensure that if your laptop is stolen, your data won't be.

Not everything that comes at a price can do the job. A new service called DeleteNow vows to expunge your personal information from search engines, databases, and directories for $2.99 a month. The company says it uses searchbots and a "deletion module" to search for and destroy information in databases and on the Web that its client doesn't want dispersed in the ether. But DeleteNow's claims are a bit exaggerated. It can't simply delete information from third-party Web sites—all it does is automate the process by which any user can ask that a page gets removed from a particular search engine. Believe me: If Google didn't remove its CEO Eric Schmidt's personal information from search results after the company raised a stink with CNET, it's not going to remove yours.

Not all privacy enhancers cost money. Some free Web-based services help those who simply want to control their information because they don't want "The Man" to have it—marketers, the government, whoever. Bugmenot offers communal logins and passwords—the password "liberalmedia" for the New York Times and the e-mail nypostisfuckingretartedforrquiringregistration@suckme.com to access the New York Post, for example—that allow users to avoid providing personal information at sites that require free (but annoying) registration. But the model that Hushmail, which offers snoop-proof e-mail, has adopted will probably hold sway in the future. The company gets you in the door by offering free e-mail accounts but then offers a number of different services that cost money.

Of course, it's possible that these services go too far. Do most of us really need to encrypt our hard drives so that pictures of our kids don't fall into enemy hands? The most important question, though, is whether it's right that individuals have to bear the economic burden of protecting their anonymity online. Shouldn't our own personal default settings be set on privacy?

Perhaps, but consider that the free flow of information online lowers the cost of doing business. It makes it easier and more cost-effective for marketers to find us and for publications to target ads based on our interests, which lowers prices for everyone. Those who opt out of receiving cookies, for example, are altering what has become the natural state of the Internet. Just like you don't assume you'll be anonymous when you walk down the street, you shouldn't assume you will be in cyberspace. No one would expect to get a funny-looking hat and a pair of dark sunglasses for free. You shouldn't expect to get the digital equivalent without paying for it, either.

Experian's 13 steps to get and keep safe online

1) Buy a recognised anti-viral program and set it to auto-update regularly. Free software is also available but carries no warranty.

2) Use anti-spyware software to protect against Spyware and Trojan software. Also, set your browser preferences only to accept cookies you recognise and wish to install. Many cookies are quite legitimate but others can act as spyware or Trojans – you can often tell from the name, which might contain words such as access, ad, tracker, backdoor, burrow or exe.

3) A personal firewall helps prevent other users accessing your PC while you’re connected to the internet - but ensure it is switched on.

4) Regularly install any operating system patches and fixes to keep your system security in place – you should be able to instruct your computer to check regularly.

5) Only use WiFi or Bluetooth in places, and with devices, you trust. Many wireless networks are not encrypted, so anyone with a little knowledge could eavesdrop. Keep your device in non-discoverable mode when you are not using WiFi or Bluetooth and use a personal identification number (PIN) to keep the device secure. Do not connect into non-secure access points in public places. If you must, do not send any sensitive information, such as your login details.

6) Do not reply to phishing e-mails, which are designed to look as though they come from your bank or an on-line service provider. They may ask you to confirm your account details, such as account number and password. They are always fakes - no reputable organisation will ever ask you to send this type of information. If you get an e-mail, never reveal this information and if you want to tell the organisation that is being imitated, call them using the official number on their legitimate website or use a directory enquiries service – the numbers on a phishing e-mail or fake website will be false, too.

7) If you receive mail from people or organisations you do not know, delete it and, if possible, inform your e-mail supplier that it is spam. Do not open any attachments – these are likely to carry viruses. Your anti-viral software should alert you or automatically delete any virus-carrying messages. Never reply to these messages because that alerts spammers that the e-mail address is valid and you will be bombarded with more messages from more senders.

8) Microsoft Office programs such as Word, Excel and PowerPoint can contain a lot of hidden information that you had no intention of sharing with other people. Some versions of Word, for example, can track any alterations and changes that have been made while writing a document, which can be revealed later. Another example is a chart embedded in a PowerPoint document that can include the entire Excel workbook containing the chart’s data. Use plug-ins to strip documents of hidden content or convert them into PDFs. Check on the Microsoft site, www.microsoft.co.uk, for available plug-ins for your version of Office. There are several free PDF makers available and Apple Macintosh users will find a PDF maker built in to OS X.

9) Information does not disappear when you place it in your computer’s waste basket or recycle bin. Buy and use a clean-up utility to overwrite the disk space of your discarded information. Delete sensitive and personal information if you need to send your PC to a supplier for a health check or upgrade.

10) Strangers can recover the contents of unwanted hard drives, disks and tapes from old equipment. The only completely safe way of preventing others from recovering the data is physical destruction. Contact your local council recycling centre for safe disposal.

11) Portable storage devices, such as USB key rings, are not secure, so keep them as safe as you would your passport or credit cards.

12) Most of us are dependent on our PCs now, so it makes sense to copy important documents on to a CD and keep it somewhere secure.

13) Buy a home shredder to destroy anything with your name and/or address or financial information on it, including unsolicited mail. These documents could be used to steal your identity or financial details. Making this small investment in privacy means that you can recycle your paper safely – so you are doing your bit for the environment, as well as being security-minded.

Tuesday, November 1, 2005

Cookies that don't crumble

Security is an onion that keeps growing – and “smart cookies” are another ring.

Browser cookies are a simple means of tracking how a browser is interacting with a website. Each one carries some history of such events, but also basic elements of software identification.

They’ve long been a target for fraudsters intent on “cookie poisoning” (impersonating a browser session) for this reason. But if they were hardened, might they also be a good way of authenticating an actual user?

One company, Digital Resolve, claims they can, and has invented “smart cookies” which can be used as an extra layer of user authentication with a claimed high degree of security.

The deeper recesses of a smart cookie are an industrial secret, but the company will tell us that each one contains information unique to that user’s browsing, which cannot be spoofed. These would include login access patterns, married to data from the http headers.

The cookie has an “expiration system” to overcome attempts to get round it by stealing or reusing it.

It’s a great idea in principle, but you do need a system at the back end – called Fraud Analyst – to make sense of these cookies. It is transparent to the user, but not entirely transparent to the company using this sort of technology. Equally, all authentication systems have a back-end cost, so that’s not a disadvantage as such.

Solving the security conundrum posed by phishing-type fraud is going to be messy, multi-faceted, and probably quite expensive.
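One way a server could build a cookie with the two properties described above, an expiry and a binding to HTTP header data, shown as an added example. It is not Digital Resolve's design, which the article says is secret; the key, the choice of headers and the function names are assumptions.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key; a real deployment loads a random secret from a key store.
SECRET = b"constructed-demo-key-not-for-production"
BOUND_HEADERS = ("User-Agent", "Accept-Language")  # assumed choice of headers


def fingerprint(headers):
    """Hash the request headers the cookie is bound to."""
    material = "\n".join(headers.get(name, "") for name in BOUND_HEADERS)
    return hashlib.sha256(material.encode()).hexdigest()


def issue(user, headers, now=None, ttl=900):
    """Return 'payload.tag': signed JSON carrying user, expiry and header hash."""
    now = time.time() if now is None else now
    payload = json.dumps(
        {"u": user, "exp": int(now) + ttl, "fp": fingerprint(headers)},
        sort_keys=True,
    ).encode()
    tag = hmac.new(SECRET, payload, hashlib.sha256).digest()
    return ".".join(base64.urlsafe_b64encode(p).decode() for p in (payload, tag))


def verify(cookie, headers, now=None):
    """Back-end check: return 'ok' or the reason the cookie is refused."""
    now = time.time() if now is None else now
    try:
        payload_b64, tag_b64 = cookie.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return "malformed"
    expected = hmac.new(SECRET, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return "tampered"  # payload was edited or signed with another key
    claims = json.loads(payload)
    if now >= claims["exp"]:
        return "expired"  # bounds how long a copied cookie stays useful
    if not hmac.compare_digest(claims["fp"], fingerprint(headers)):
        return "header-mismatch"  # presented by a different browser profile
    return "ok"


if __name__ == "__main__":
    # Constructed request headers for the demonstration.
    browser = {"User-Agent": "ExampleBrowser/1.0", "Accept-Language": "en-GB"}
    cookie = issue("alice", browser, now=1000)
    print(verify(cookie, browser, now=1001))
    print(verify(cookie, browser, now=5000))
```

Header values are supplied by the client, so the binding makes reuse from a different browser detectable rather than proving who the user is; the signature and the short expiry carry most of the weight.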

Back Off, Adware Firms

ADWARE COMPANIES HAVE LONG COMPLAINED about software removal firms deleting their ad-serving programs. The companies argue that consumers have chosen to download the programs, which serve pop-up ads based on Web-surfing behavior, and that software removal companies shouldn't interfere in that decision. To listen to some of the companies talk, you'd think software removal programs sneak onto consumers' hard drives, hijack their systems and then delete all traces of adware when no one's looking.

Now, the adware company Direct Revenue has joined the chorus of voices calling for software removal programs to be reined in. Direct Revenue CEO Jean Maheu recently told OnlineMediaDaily that his company's end-user license agreement warns consumers that the company might intervene should a software removal company try to stop Direct Revenue from serving pop-ups.

Doing so would be a very bad idea.

If adware companies agree that consumers have the right to delete any unwanted programs, what difference can it make whether they do so manually or through a software removal program?

The only answer that makes sense is that software removal programs are more efficient than consumers at deleting adware--which, of course, is precisely why consumers purchase software removal tools.

Adware companies also should remember that, in other contexts, they have defended their business model by championing the idea that consumers ultimately control their hard drives. When adware companies came under fire from publishers who argued that pop-ups unfairly competed with their ads, one of the adware companies' responses was that consumers, not publishers, own their desktops. If consumers chose to receive pop-ups, they argued, publishers had no place interfering.

But, by the same token, if consumers choose to use software removal programs to delete adware, the adware companies should back off from any attempts to stop that process.