White House denies security specialist's claim that its web site issues cookies in possible violation of government policy.
December 30, 2005
The White House on Friday denied published reports that it uses small programs, called cookies, to track the movement of visitors on the White House web site.
Web software security specialist Richard M. Smith and the Associated Press reported that the White House web site, through a web analytics contractor called WebTrends, was using cookies that were specifically banned by a two-year-old directive issued from the Office of Management and Budget.
David Almacy, the White House Internet director, denied that the White House web site is issuing cookies to any visitors to its Web site, but confirmed the site does keep track of what pages are viewed and for how long with the help of WebTrends. He blamed Mr. Smith’s software, called a packet sniffer, for the confusion.
“What was happening was that users that visited other WebTrends sites picked up WebTrend cookies from these other sites,” said Mr. Almacy. “Mr. Smith’s packet sniffer program then assumes that because we use WebTrends our site placed the cookies on his hard drive.”
Mr. Smith dismissed the White House responses as “very predictable” and called it a “do not inhale excuse.” He noted that such third-party cookies still allow tracking across multiple sites.
Associated Press writer Anick Jesdanun wrote that while the White House doesn’t issue cookies, it employs a tiny graphic image called a “web bug” sent by WebTrends that allows the company to know when a specific page is viewed on the White House site.
“The only information we track is what pages are being viewed and we count site visits and the length of time each visitor spends on our site,” said Mr. Almacy. “We don’t track any personal information about the user.”
Mr. Smith and the AP reported earlier this week that the National Security Agency’s web site was issuing cookies to web visitors (see NSA Caught Serving Cookies). The NSA said that the cookies were being distributed unbeknownst to the NSA staff because of a recent software upgrade. The agency said it had taken care of the problem.
Cookie Assurance
Cookies are small files placed on computers by web programs residing on sites visited by those computers. They were originally designed to hold identifying information to make web surfing easier and faster.
Today cookies are used to store all kinds of information, including the content of a web surfer’s electronic shopping cart. Many web surfers are concerned about the lack of privacy involved in the surreptitious placement of cookies on their computer hard drives.
They are helpful, for the most part, but they carry the potential for abuse because they can monitor and document the activities of web surfers.
“No information is gleaned from cookies on a user’s computer on our web site,” said Mr. Almacy.
“We are not allowed to use some of the advanced web technology available to others because of the privacy concerns that we are committed to.”
No comments:
Post a Comment