Slashdot Mirror
NSA Caught With The Cookies
zardo writes "The associated press is reporting that the NSA is putting cookies on visiting computers. Apparently it is unlawful for the government to put anything but a session cookie out unless it's expressed in the site's privacy policy." From the article: "Don Weber, an NSA spokesman, said in a statement Wednesday that the cookie use resulted from a recent software upgrade. Normally, the site uses temporary, permissible cookies that are automatically deleted when users close their Web browsers, he said, but the software in use shipped with persistent cookies already on. ... In a 2003 memo, the White House's Office of Management and Budget prohibits federal agencies from using persistent cookies _ those that aren't automatically deleted right away _ unless there is a 'compelling need.' A senior official must sign off on any such use, and an agency that uses them must disclose and detail their use in its privacy policy."
From TFA:
Honest enough mistake, right? Not, really, as it's happened before.
Here's a snippet from a 2002 Associated Press article (available here):
(Disclaimer: Yes, I am aware that the CIA and the NSA are different agencies. However, that shouldn't preclude one learning from the other's foul-ups.)
So either one or both agencies in question are simply incompetent, or lying to us. Which do you think is more plausible?
____
~ |rip/\/\aster /\/\onkey
Clearly someone made a mistake. If the NSA wanted to track you, they wouldn't leave it to browser cookies. They try to make the 203x expiration date seem like a big deal, but that's how you do "permanent" cookies for logins and such.
"So either one or both agencies in question are simply incompetent, or lying to us"
I know, how dare they place a cookie on my machine! No other site in the intarweb does!!
Don't you think you overreacted just a little??
Cookies are easy to delete. This is hardly a "Your Rights Online" issue. Jeez.
Because we know that the people in that agency, even more so their IT dept., know absolutely nothing about how computers work.
I guess they were spying on a lot more than 35 people, unless these cookies were discriminatory, which I don't think they were.
Purple, because ice cream has no bones.
I bet they're working for the NSA. If not, they're incompetent or liars, or both!
The NSA is stamping your PC with the Mark of the Beast, a... cookie? So if you ever visit a NSA website again they'll know it's a return visit? This is useful... how?
Oh, this is all about riling up room-temperature-IQ journalists (I'll be charitable and note I mean Fahrenheit) into another hissy-fit over the fact that Bush is still president. Never mind. Go read some history.
"Unlawful"???
"NSA"???
Did I mistakenly click on a link for the Onion?
So the NSA's gotta hold a bake sale now to fund a wiretap?
They should probably make a provision for this in the Patriot Act, or have they already? At least that would make its illegitimacy legitimate in the eyes of the law.
yes, because the thing I fear most about the NSA, with their acres of listening stations, underground football fields worth of humming supercomputers, and small armies of intelligence agents, is the cookie that they placed on my computer while browsing their website....
need glasses, anyone?
We recently learned that the NSA could be listening to any of our phone conversations. This is insignificant in comparison.
Socialism: A feeling of discontent and resentment caused by a desire for the possessions or qualities of another.
White House's Office of Management and Budget prohibits federal agencies from using persistent cookies _ those that aren't automatically deleted right away _ unless there is a 'compelling need.'
If they can tap phone calls whats wrong with dropping cookies?
NSA caught with cookies?
We'd like to discuss this with you in person. You know those New Year's plans you were making yesterday from your Cingular phone, from approximately 4:27PM to 4:34PM? Consider them cancelled. How does a quick trip to Bulgaria grab you, instead? No need to pack, and we've already got the flight ready.
NSA has configured their webserver to track visitors in a "LOG" file. They keep the time, your ip address, where you visit, your browser and other information. What are they doing with this, you ask? They are ... MAKING STATISTICAL GRAPHS!!!! Alert Drudge, alert the New York Times... this baby's about to break wide open.
Ok. Let me get this straight. We don't want our government websites to contain persistent cookies, but every other website in the world (including sites with malicious intent) can have persistent cookies? Why is this a big deal? Don't like it? Then delete the cookie or disable cookies alltogether. It's not rocket science.
This is all messed up. We're basically giving more rights to malicious websites than we are to government agencies.
-Nick
"A plan fiendishly clever in its intricacies"- Homer Simpson
Just set your browser to delete cookies when you close the browser. I think that is a basic setting on any browser. Now, if they had some kind of "supercookie" that you couldn't delete, that would be more interesting. Or if you tried to delete it and the Department of Homeland Security came knocking on your door.
Honestly, though, there are plenty of sites that install cookies. If you don't like them, delete them. It is as simple as that.
Why Baath would Iraq I be kill on insurgency the Hamas NSA's London website Israel anyway?
How come if the government breaks the law, they get off with stopping the action and an apology? I should try this when they accuse me of a crime.
"Sorry, officer. You're right, I was going to sell these 30 pounds of crack to some schoolkids. But it's okay, as long as I throw it away and promise not to do it again. Right?"
seriously...it's a freaking cookie. it's not like doubleclick where hundreds of thousands of websites have an iframe that is capable of reading your cookie and tracking your browsing habits. even if they decide to track it across all government owned websites, it's nothing they couldn't already do with simple logfile analysis.
i'm sure if the NSA wanted to track your every move 1) They already are 2) You don't know it and 3) There isn't anything you can do about it.
NSA Cookies don't scare me. What scares me is the idea that the NSA could get my ISP's records, or Google's data. All of that would give them a lot more info than my NSA cookie.
All they need to get the data that Google has gathered is a court order.
http://www.thebricktestament.com/the_law/when_to_
I've now seen a bunch of comments modded down as trolling despite their being reasonable comments by people who just happen not to wear tin foil hats. If this article freaks you out or upsets you and seems like an important rights issue, great! I'm glad you're interested in defending your rights and by extension all of our rights. Thank you! But, don't by modding suppress the opinion of many who feel this isn't some stunning/shocking/scary revelation. That many feel the issue isn't a major one is itself an important thing to know.
As for me, Carnivore and all the recent "unlawful" wire taps scare me, a permanent versus a session cookie, not so much.
Quincy
Don't vote for Eugene Papansanovich for Congress!
The so called illegal wiretaps were in fact legal. Liberals and their pet media have spun the wiretap issue into something it is not. The President and the NSA had bipartisan congressional oversight of any and ALL wiretaps performed. Now the cookie thing is illegal and should be investigated.
If Kerry was the answer, it must have been a stupid question.
The UN - The largest "political" cause of death.
Security and encryption - to protect us from our own government.
Are you...Are you some kind of genius?
No, ma'am, I'm just a regular Slashdot reader.
So the NSA could use session cookies to track visitors to THEIR website across multiple vistis?
Big freaking deal.
Do people not get that? The cookie was issued by nsa.gov, and could only be read nsa.gov, and in no way could track a user's movements across "teh intarnets." The NSA could use it to see if you'd been to their site before.
If they NSA wants to know where you've been, they'll just subpoena Google. Their cookies are all over the place.
Maybe I'm lacking some information on cookie spcifications, but I was under the impression that cookies can only be read/written by the web site that you are visiting unless there are links to other sites, such as advertising sites, that manipulate cookies. This is of course how you can visit a site but then get cookies from 24/7 media, AdServer, and others. But the cookies cannot be arbitrarily read by other web sites unless there is some kind of partnership going on. Again, this is the impression that I was under regarding general cookie use. So, if that's correct the NSA cookie is not even an issue when you visit other web sites unless they're specifically looking for it -- like any of them would.
/. But this to me is nothing more than unnecessarily putting some fuel on an already smouldering dislike for the current administration, courtesy of an ill-informed and/or careless IT person at the NSA, in the hopes that a large, anti-NSA and more generally anti-current-administration fire will grow out of it.
Okay, so the NSA puts a permanent cookie on the system. Why is this an issue? It's not a security breach; it's not a cross-advertising cookie that tracks where you go. There's not one of us who has installed software and went over every configuration setting with a fine-toothed comb, particularly with off-the-shelf software, at one time or another. Cookies are also easily removed and can be blocked on future visits. Of course, the web logs themselves can get the IP address of everyone who visits, so even if you block cookies, the NSA can still tell exactly when a specific IP address contacted their site.
I realize that the U.S. government, particularly the current administration, is not a favorite of the Slashdot crowd and that this will be (and has already been) touted as "yet another flagrant policy violation!!!" by political opportunists here on
Just my two cents. Convert to your currency as necessary.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
The NSA is a big powerful agency, and we are correct to be concerned with their power. But this just isn't a big deal. Its a bad law, almost certainly written with little or no understanding of the technology involved, and I'm completely confident that this was an honest mistake by the NSA. Do you think the uber spies in the NSA are running their website? I mean, I'm sure they're pretty sharp, but at the end of the day they're IT guys like thousands of IT guys everywhere, and they upgraded some software with unanticipated side effects.
Cookies BAD!!! Bad NSA Bad!!! btw, its pretty sad I had to edit this post to take out the all caps on all of five words because I couldn't get past the "lameness filter". Lameness filter == lame
The road between democracy and tyranny is paved with secrecy in the name of security.
Oh No! Slashdot has set 36 cookies on my computer. Is Cowboy Neal in league w/ the NSA???
First of all, their office of management and budget made this policy. A pencil pusher/bean counter policy that is hard to keep up with in the real world that their IT staff has to follow, not them. I agree 100% with the parent. They probably have a million regulations they have to follow, with many many employees spread all over the map, with software from 3rd parties, with countless people who probably don't even know this policy exists there.
The reality of it is, the CIA/NSA/Whatever has a billion other much more effective ways to track you. Their intention was obviously wasn't to track people, and they immediatly removed it after it was brought to their attention. I hate our current administration, but this is just some fucktard news reporter that is up 'n arms about the wire tapping escipade. I do not agree at all with the wire tapping, but this has ABSOLUTLY NOTHING TO FUCKING DO WITH THAT. I can't believe the reporter is such a fucktard that he couldn't spend 2 minutes to research cookies and what they are. Setting cookies far into the future is the de-facto way to keep a cookie on your computer a long time. Most cookies that aren't set as session cookies are set to dates 10 years or more in the future, way more than the computers expected lifetime. The reporter has no clue what he's talking about and should be slapped like a bitch. I hate reporting like this because then it takes away from things we should be legitimitly concerned with. People get an overflow of bullshit news and many can't pick out the real from the fucktards like this guy.
If an officer ever threatens to taze you, say you have a pacemaker.
This is obviously an attempt by the reporter to blow things out of proportion. The article is quite misleading to the non tech-savvy reader. A cookie sent to your computer by a website can be access only by that website. The cookie can only contain information from that website. Meaning that this limits NSA's ability to track you to which pages you have visited on THEIR site. Now, I understand how some people feel that even this is a violation of their privacy, but when my brother read the article, he got the impression that by the use of these cookies, NSA was able to track where he went online, not just on the NSA site.
Wow! I got cookies from my mom, my aunt, and my cow-orkers, but I didn't know NSA was doing that. That's nice of them. I'll have to visit their site and pick up some.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
This was the missing link in the puzzle...despite all the capabilities of the NSA (I know, I work there as a contractor), they needed cookies to finally put it all together. Haven't you noticed your favorite spam links and porn sites often redirect you to nsa.gov? That's so they can install that cookie on your machine. It's not just any cookie, it's super-persistent! If any piece of your clothing brushes up against your computer then you become trackable by satellite.
Obviously there are severe repercussions for my revealing this information so I must post this AC. Don't worry about me, though, I dropped all my clothes in the mail so I can't be tracked now.
Your analogy is wrong.
On its face, your point may seem 'interesting' or 'insightful', but that is only because you are ignoring the fact that U.S. government websites are not like every other website. Government websites are extensions of the state.
We don't want the NSA/CIA/government websites to contain persistent cookies,
IN THE EXACT SAME WAY THAT WE DON'T WANT THE NSA WIRETEAPPING US.
Instead of comparing this to "every other website in the world", try comparing the behavior to every other government in the world.
The issue isn't necessarily about cookies, it is about principles. The principle being that the U.S. Government does not track or snoop on its citizens.
[Fuck Beta]
o0t!
A follow up investigation would show that a large blue hairy monster was responsible for placement of the said cookies. When questioned about this monster Don Weber stated that it was a "... new and innovative method of extracting information for security purposes ..." more than this he could not say.
This law may be silly, but they need to get congress to change it first, they can't just ignore it while they go about their business of monitoring other peoples' compliance with the laws.
I hear that NSA mail servers have also been decoding headers on all email received, including from the general public!
Evil is the money of root.
I know, I work there as a contractor
No, you worked there as a contractor. All of your ties with the NSA have now been severed, Mr. Johnson.
-- The NSA
So either one or both agencies in question are simply incompetent, or lying to us. Which do you think is more plausible?
Wow! The fact that you're even asking this is a clear indication that you have never worked in any government entity. All levels of government - federal, state, and local - are loaded with incompetency and attempt to lie to the public whenever such lying is "in the public interest" or covers their asses.
You also seem to have some notion that as soon as you become a government employee that you are going to somehow assume and retain all legal ramifications based on all existing laws just by being hired. Management changes happen. Staff changes happen. The notion that all government employees of all levels will be aware of all rules and regulations regarding all functions is highly naive. For all we know, the installation of this supposed "off-the-shelf" software was the first task of a new, NSA intern in the IT department.
I know that you dislike (hate?) the current administration, but this is absolutely a "mountain out of molehill" scenario in the grand scheme of things.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
Considering the provisions of the Patriot Act, wire tapping, internet tapping, unauthorized surveylence, and the US government spying on it's citizens, leaving persistent cookies "by mistake" is a really small issue. What are they going to do? Track the fact I play EverQuest online? Anybody who's compitent enough to either block cookies or delete them should have no problems. IMHO, this article's intention is to provide more embarrasement on the current government. "Oooh, the government's spying on you...". Guess what? They already are. This is nothing new.
It is not our abilities that show what we truly are... it is our choices.
Because it is against the law.
Prosecuting the "lying about blowjobs" was all about maintaining the "rule of law" for Republicans a half-decade ago.
But maintaining the "rule of law" no longer applies with Republican administration? That's what I'm getting from you in your post.
If the NSA did this, they broke the law. Doesn't matter if it is a stupid law. All my conservative friends told me in 1999 that the "rule of law" reigns supreme, no matter how minimal the offense.
Sorry... I'm not letting the Bush-apologists off the hook when the tables are turned.
"I have as much authority as the pope, I just
don't have as many people who believe it" - George Carlin
The real, frightening question is why the NSA apparently:
1). Put software into production without checking all the settings
2). Put software into production without fully testing it
3). (probably) used software which they don't have the source to, and thus don't know if there are any backdoors.
I am worried about it from a National Security perspective - NSA using cookies worries me far less than Microsoft doing it - but the above issues could expose the NSA, and hence the USA to attack.
With software companies outsourcing to countries with less stringent security and more people hostile to our interests, there is a greater risk - although even without outsourcing, compromising a software company is still a severe risk.
Perhaps the government should require people to get security clearances if they work at Microsoft, etc in any capacity where they can compromise the code. Perhaps they should use Open Source. I know of a Linux distribution they might want to use.
P.S. NSA is a lot of crypto geeks who do a very important job protecting all of you - and is made of people a lot like most of you. They aren't cold blooded killers who whack you for speaking out. Sorry to disappoint you.
Yea, I've been to previous bake sales.
Great place to get tinfoil so I can line my room.
And the brownies are great, but don't even think about asking for the recipe.
[Fuck Beta]
o0t!
There are other tricks. Did you notice that the CIA agents who did illegal things for former President Nixon were "former" CIA employees? When someone is discovered, he or she becomes a "former" employee. In that case, President Nixon was allowed to leave office, and was pardoned by the next president. The illegal acts were discovered only by accident.
A government that does anything in secret is not a secret government. Also, those who are willing to take a secret job are often amazingly psychologically unstable.
The U.S. government has decided that it can secretly force companies to help in surveillance. This means that companies in the U.S. cannot be trusted.
The problems caused by secret action are called "Blowback" by some in the U.S. government. Blowback is not seen as a bad thing, because if decreases the political stability in the world, which means that employees of U.S. government secret agencies will get raises and promotions. See the link to the book "Blowback" below.
Tips: Don't say "we", as in a U.S. citizen saying "we" kill Iraqis. When there is secrecy there is no "we". Don't think there is violence over oil. The violence is over who gets the profit from selling the oil. Oil is sold on the open market; the price is determined by the market. Before Saddam Hussein got some of the profit from selling Iraqi oil. Now many of the contracts involve citizens of the United States.
The following books show some of the history of the U.S. government's secret agencies, and help explain much of the underlying reasons for U.S. government violence in the Middle East. Often the secret agencies have acted for special interests and against the good of the people. For example, the CIA overthrew the democratically elected president, President Mossadegh, because he wanted his country to receive more of the profit from oil pumped from his country. The U.S. government's political interference eventually resulted in a violent revolution in Iran, and a determination by Iran to strike back.
Unholy Wars: Afghanistan, America, and international terrorism by John K. Cooley, 2000, Third edition, Pluto Press, London, England and Sterling, Virginia, USA. Reviews: Powell's Barnes & Noble Amazon
Osama bin Laden is "the personification of blowback". You can read more about how the CIA created a political climate very supportive of Osama and his ideas in an article by Jane's, a very well-respected publication devoted to military issues. The article was published 3 days after the second World Trade Center bombings, on September 14, 2004: Why? An attempt to explain the unexplainable.
The CIA brought Arabs to the U.S. and trained them in terrorism. The rules by which al Qaeda operate seem to come from the CIA training.
Blowback: The costs and consequences of American empire by Chalmers Johnson, 2000, Metropolitan Books, New York, New York, USA. Also, there was a new edition in 2003 with a new introduction. Reviews: Powell's
Slightly off topic and rather tinfoil hatted but with the way things are going in the White house are you going to trust putting the game 'America's Army' on your PC? Lord knows, what they have or may put into that game to spy on your PC.
You got cookies? I got fruitcakes! If the NSA starts giving out these, I say it's time for revolution.
quiquid id est, timeo puellas et oscula dantes.
Because it is against the law.
So is speeding. Don't tell me that you have never done that.
So is downloading music/software that you didn't pay for. Don't tell me that you have never done that.
So are a number of other laws that should have been taken off the books long ago that people don't care about and law enforcement doesn't bother to enforce. They're all against the law as well.
The fact that you are expecting every employee at every level to be fully knowledgable of every law and every ramification for every action does nothing more than show that you are on a witch hunt.
And for the record as much as I disliked Clinton even I knew from the start that the whole blowjob issue was overblown (no pun intended) and an unnecessary witch hunt that was doomed to fail. So, stop being childish by lumping those of us who see this issue for the security pittance that it is as "Bush apologists".
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
law? They were guidelines in a memo. show me the bill passed by congress that says "The NSA cant use cookies with its website". No, I think the GP had it right. This is a total non-story of some webmaster at the NSA who aparently wasnt aware that using common webtools was against their guidelines.
"In the game of life, someone always has to lose. To me, if life were fair, that someone would always be Oklahoma." -DKR
enough weapons of mass destruction, and did we find enough terrorists by eavesdropping innocent citizen's phones that the most important left to do is bash NSA on having persistent cookies vs session ones?
Actually the Brooklyn Bridge terror plot was discoverd by one of the NSA wiretaps of Iyman Faris.
If NSA needs a cookie to figure that out (and if Abdul is visiting nsa.gov from Afghanistan and DC), then neither Abdul nor NSA are doing their respective jobs.
I'm going with neglect on the part of the website administrator here. Stupid default settings in applications, plus benign neglect in the brains of users, equals embarassment. Always has, always will. Unless...
~adjusts phase coil on tinfoil hat~ /dev/null /dev/null, and where NSA complied with my orders only under protest.
If, however, I was trying to divert attention from a serious abuse I'd performed, I'd release a story exactly like this. It's got the word "cookie", which is about as high-tech as Joe Sixpack ever gets about security, so he can get all upset -- and it's simultaneously a non-issue, which means everyone from the Blogosphere to Dan Rather can trot out an "expert" to tell Joe Sixpack that if this is the NSA at its most dastardly, then he has nothing to fear even if he's got something to hide
~readjusts phase coils~
and the story I'd release would be the same, whether or not I was NSA, looking to divert attention from the fact that I wanted to trawl through the set of data originally destined for
~tweaks fnord emitter~
or whether I was the Party official who ordered NSA to do stop dumping all that good stuff into
They don't call it the puzzle palace for nothing.
Lockpicks and hardware keyloggers - to get passwords from geeks who think security and encryption will really protect them from someone who wants to get their information.
It's not against the law. It's against White House policy, "In a 2003 memo, the White House's Office of Management and Budget prohibits federal agencies from using persistent cookies ... blah blah blah." Wow, so the Bush Administration, whom you are so keen to slam as soon as you see an opening, was who set the policy that those cookies *weren't* supposed to be persistent.
I stole this
Sued by the state of Texas under the stalking laws, Doubleclick has made extensive use of cookies.
With the Office of Homeland Security having a former officer of Doubleclick on staff, it's a pretty good guess that the government sees their sort of information gathering technology as useful.
Doubleclick handles banner ads on a huge number of websites.
I wouldn't put it past them to be buying the purchasing data from every chain store that has a member discount card. Do/will RFID chips in our tires get scanned at intersections? If it is possible, and potentially useful, shouldn't we expect it to happen unless there are laws to prevent it?
Have you ever had to answer a bunch of questions when applying for a purchase rebate?
Someone is using or selling that info.
How much gathering, sale and use of data on us reasonable? What should be legal?
What about the damage done to us when info from the data collectors is used for identity theft?
Who passed these laws allowing opt-out privacy policies at banks and insurance companies?
Where does the Auto Club get off tying in with MBNA sending out credit card mailings?
because we know that the NSA's website it their top priority.
Don't take life so seriously. No one makes it out alive.
"Don't worry about me, though, I dropped all my clothes in the mail so I can't be tracked now."
Maybe not electronically, but all they have to do now is look for the naked guy who bought all those stamps.
Comment is incredibly insightfull. Aside from the fact that if you check your browser there will hundreds to thousands of persistent cookies, Aside from the fact that cookie management is widely regarded to be the responsibility of the user, This is completely a non issue unless someone can proove that the NSA went to the trouble to track the cookies outside of their website.
Once again it prooves the left has gone completely bonkers. If the NIH found that Sarin or BZ could cure cancer the story would read Bush administration makes unwise use of chemical weapons.
I'm alot more worried about suspects being shipped off to secret prisons and tortured than I am about cookies.
Sometimes I ended up helping friends with computer problems. The most annoying to deal with are the ones which equate cookies with virus's due to media hype, "I can't get my stock quotes" "you need to have cookies turned on for that website" "COOKIES?! Are you kidding they can see everything I do, even watch me have sex with my wife" "But you don't even have a web cam" "You need to do some reading young man [when your almost 40 thats almost flattering], here look at this www.paranoidnutjob.com, see! Don't go putting me at risk by recommending that I accept cookies! A friend wouldn't do that to a friend, your no friend of mine! Your an agent for the greys!" "ummm I I guess your meds have run out, I just remembered I left a candle burning at home, got to run."
Wow, talk about overstating it! In which way do you think sending a cookie is similar to selling crack? There isn't any *law* against federal agencies sending cookies, it's just a policy from the OMB.
Other than political reasons-- for which this should be exploited to the hilt in order to frighten the credulous even more about the policies of the dictatorial and illegitimate Bush administration--
Other than those reasons, being afraid of the NSA because of cookies is like being afraid of thermonuclear war because it might muss your hair.
They eavesdrop all electronic communications. They can crack cryptography in realtime. If they want to, they can have you disappeared to some torture prison in a foreign country where you will divulge anything in order to get the agony to stop.
And these fuckwits are worried about a persistent cookie.
Intolerance for ambiguity is the mark of the authoritarian personality.
Its a COOKIE. Get over it already.
Here will be an old abusing of God's patience and the king's English.
So is speeding. Don't tell me that you have never done that.
yeah, I have. And I've gotten tickets when I've gotten caught. Rule of law prevailed.
So is downloading music/software that you didn't pay for. Don't tell me that you have never done that.
Actually, I never have. But if I have, and I got caught, I should pay the consequences (according to the "rule of law" Republicans).
So are a number of other laws that should have been taken off the books long ago that people don't care about and law enforcement doesn't bother to enforce. They're all against the law as well.
Law enforcement doesn't care to enforce? Have they stopped giving out speeding tickets? Has the RIAA stopped taking music pirates to court? What memo did I miss?
The fact that you are expecting every employee at every level to be fully knowledgable of every law and every ramification for every action does nothing more than show that you are on a witch hunt.
No... I wish consistency from my Republican brethren when it comes to holding an administration accountable to the "rule of law". That's all we heard from Republicans throughout the Clinton presidency.. "no President is above the law" and "when the branch of government that is supposed to uphold the laws of the nation is guilty of breaking them, then impeachment is not only correct.. but necessary." and crap like that.
The Bush administration is not above the law just because you like him. Hold your president to the same standards you held the previous one that you DIDN'T like. Be consistent.. don't by a hypocrit. That's all I'm asking from my Republican brethren.
"I have as much authority as the pope, I just
don't have as many people who believe it" - George Carlin
Shows what you know...my name is Smith, not Johnson. Hah!
Worst slashdot story ever...till the dupe.
"In the game of life, someone always has to lose. To me, if life were fair, that someone would always be Oklahoma." -DKR
Dear NSA:
RTFM.
Don't Tread on Me
Then kindly quote the law which was approved by the House, approved by the Senate, and signed by any President that makes the usage of permanent cookies on any government web site a violation of federal law. I know of no law and thus far none of the anti-Bush, or in your apparent case anti-Republican, crowd has been able to bring forth the bill that placed that restriction into law.
Clinton lied under oath. That is a violation of established law. But unless you can bring forth the bill from Congress that made permanent cookies illegal, the phrase "no President is above the law" doesn't apply at all.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
There is No Such Agency.. nothing to see here... [you will be photographed and monitored from this point forward]... It is a figment of your imagination.. Go home and read Milton Friedman like good little Americans...
In fact, one of the nice additions in Firefox 1.5 is the automatic cleaning of cache and cookies when one closes the browser.
Wasn't there an article about ad companies trying to convince people to keep the cookies on their system so there could be a more accurate assessment of online advertising? Oh yeah, here it is.
Then there is this article which was never posted from five months prior which says basically the same thing.
Yes, the NSA 'accidentally' was putting cookies on peoples systems but since people delete cookies anyway, this is one time I don't see the big deal (aside from the whole Big Brother issue).
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
[Fuck Beta]
o0t!
For example, if they want someone killed, they may have an Israeli secret agency do the work. That way they can claim innocence.
No, the assassin is hired through an ad in Soldier of Fortune by CIA operatives pretending to be Israeli agents. If the op goes sideways, the Israelis don't know about it, but get blamed for it. In the end, the dufus soldier of fortune is left to swing in the breeze.
Crime without Conviction: U.S. Makes Deals With Corporate Criminals Instead of Prosecuting2 9/151220
http://www.democracynow.org/article.pl?sid=05/12/
Corporations that commit securities and accounting fraud can now expect to get sweetheart deals from the Justice Department, and they don't face public exposure for their misdeeds. We speak with Russell Mokhiber of Corporate Crime Reporter.
From TFA: The House on Wednesday is expected to adopt the compromise version of a fiscal 2002 Treasury-Postal Service bill, H.R. 2590, that would expand privacy protections for people visiting federal Web sites and provide funds for crime-fighting technology.
It's an article from 2001 that states that the House is expected to adopt this provision. Please provide the document that states that this particular clause not only made it into the bill, but that the bill was approved by both houses of Congress and that President Bush actually signed it.
After that, please show me the test that all government employees have to take proving that they are fluent and fully-versed in the millions upon millions of rules and regulations to which they need to adhere and the ramifications thereof for violating any such rules and ramifications.
I also expect to see that various documents thus proving that all levels of management are also refreshed on a regular basis of the policies and violation ramifications. After all, we would not want them to forget any of the millions of laws and policies that they have to adhere to, would we?
It was wrong when the Republicans went on a witch hunt against Clinton who admitted to breaking the law - lying under oath. Just because the tables are turned does not make it less of a witch hunt nor does it make said witch hunt "less wrong".
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
Who stole the cookie from the cookie jar?!
NSA stole the cookie from the cookie jar!
Who me?!
Yes you!
Couldn't be!
Then WHO?!!
White House stole the cookie from the cookie jar!
*** NSA has been kicked by White House (fuck you i didn't touch the motherfucking cookie, bitch)
In Soviet Russia, backwards is everything.
How you got modded as insightful I don't know. Here let me answer those questions for you.
1) Because shit happens in IT no matter how good you are. They were in all likelihood turned on during the testing phase, and someone forgot to turn it off when they took it live.
2) What gives you any impression that it wasn't tested fully before deployment? Nothing in the article or in real life every day IT work even suggests that.
3) God forbid a product with closed source, it must be the devil! I guess the world should take all of those CISCO routers offline that are all over the world you twit.
Bottom line, it's the damn web server, it's not like it is wired into the uber-secrete internal systems. Sheesh this is such a non-issue it's pathetic. All of you tinfoil hat wearing people should just practice safe web-surfing habits and have cookies disabled by default. Oh and as for your P.S. remark, well that is half right, that applies to analysts but not to the field agents, many of which are active duty military people on loan and many others with a background in Special Operations.
For fucks sake! The only thing you can see all over the internet for the past week is how they put a version of DCS-1000 on steroids on backbone routers with the switch permanently set to "everybody" and "on", and your worried about FUCKING COOKIES. Idiot! P.S....feel that little lump on your neck? That is the microprocessor/gps module that they put there.
Nice to know that even government agencies are subject to stupid, pointless government regulation.
Privacy advocates nitpicking about cookies is like a minority group overplaying the race card to the point where actual and horrific cases of racism becomes ignored or rejected.
All I care about is any govt or company taking the necessary precautions with my personal info so that crooks cannot abuse it. And by crooks, I include those rare cases where employees/leaders of said entities might be the abuser.
What we should be talking about is:
1. what precautions are taken so that any personal info collected about US citizens cannot be abused by corrupt politicians or corrupt employees?
2. what precautions are taken so that said personal info cannot be stolen from the collecting agency by data thieves?
3. what are the auditing procedures and laws that can help quickly identify abuses and punish the abusers with at least a felony?
The abuse of non-public information about US citizen(s) for politically motivated retaliation is probably the most important reason anyone can specify about this issue.
Why isn't there a law that makes it illegal for an elected official or government employee to misuse or publicly dislose NON-PUBLIC information they collected about a US citizen?
If such legal and procedural protections were in place, I would feel much better about any info our govt collects about me and my fellow US citizens if the collection was actually done for justifiable reasons.
Another reason for concern about this is that there has been an active weakening of the separation of church and state over the past several years which is a radical departure. I happen to believe in God as well as the separation of church and state.
If a future US president was Muslim, would you feel comfortable being a Christian or Jew if the government knows that about you? Perhaps helping keep the separation of church and state would be prudent. After all, nobody has the magical power to predict what religion other people/strangers may choose in future generations.
Consider the words of the people responsible for risking their lives and founding the United States of America and other heroes in the US history (in their own words rather than how they are characterized by popular media):
"They who would give up an essential liberty for temporary security, deserve neither libery or security." -Ben Franklin.
"The United States of America should have a foundation free from the influence of clergy."
-George Washington.
"In every country and in every age, the priest has been hostile to liberty. He is always in alliance with the despot, abetting his abuses in return for protection to his own"
-Thomas Jefferson
"One day the dawn of reason and freedom of thought in the United States will tear down the artificial scaffolding of Christianity. And the day will come when the mystical generation of Jesus, by the Supreme Being as His father, in the womb of a virgin will be classed with the fable of the generation of Minerva in the brain of Jupiter."
-Thomas Jefferson (in a letter to John Adams)
"The question before the human race is, whether the God of nature shall govern the world by his own laws, or whether priests and kings shall rule it by fictitious miracles."
-John Adams, 2nd US President
"Religious bondage shackles and debilitates the mind and unfits it for every noble enterprise."
-James Madison, US President and known as "father of the Constitution"
"The government of the United States is not, in any sense, founded on the Christian religion."
-Treaty of Tripoly, article 11 (drafted during G. Washington, signed during John Adams presidency)
"My earlier views of the unsoundness of the Christian scheme of salvation and the human origin of the scriptures have become clearer and stronger with advancing years, and I see no reason for thinking I shall ever change them."
- Abraham Lincoln in a letter to Judge J.S. Wakefield
"Leave the matter of religion to the family altar, the church, and the private schools,
So many sites nowadays try to set cookies, I presume for advertising tracking. It is really annoying to visit a blog or general news site and find they want to set several cookies. Then stores --- yes, cookies are good once you have a shopping cart, but if I'm only browsing, they don't need a cookie. But apparently the Boy's Grand Book Of Websites says Thou Shalt Use Cookies and boy o boy do the students take that religiously.
Infuriate left and right
As has already been pointed out, the cookie isn't "against the law," it's against White House policy. Unless someone burned the Constitution while my back was turned, we haven't slid so far yet that statements from the White House have the force of law.
/. on company time. By your rationale, when an IT employee then visits /. on company time, the new CIO should be equally reprimanded for that.
Of course, the fact that it's the President's policies that are being violated sort of makes your whole "hold the President to the rule of law" argument somewhat irrelevant even if they did have the force of law. I mean, holding the lawmaker responsible for other people breaking the laws is a little...um, strange, shall we say.
To analogize: say a CIO is reprimanded for opening a personal email with a virus attachment and infecting the company. His replacement promulgates a policy that no employees are to visit
No matter how much it might help your "neener neener told you so" argument, the NSA setting cookies on visitor's machines in violation of governmental policy really isn't in any way equivalent to the President perjuring himself in violation of federal law.
Reality has a conservative bias: it conserves mass, energy, momentum...
With all the chatter back and forth, has anyone stopped and asked what the two cookies contained and what they were used for? If NSA's use of cookies is truly an issue, one would think that learning the purpose of the cookie would be an obvious question.
A quick visit to the website (with my browser set to reject all cookies of course) shows that there are several things the cookie might track. Saved-state information for those who submitted an application or posted their resume for consideration, saved history on a request for information using a FOIA request, a small business registering with NSA to be considered for new/upcoming contract bids, a download flag for the latest version of SELinux, or maybe even some cookie set by the flash software in the kid's entertainment section.
Agreed, as stated in previous posts, the use of permanent cookies, intentional or otherwise, violates established policy. But before we spin out of control let's ask WTF they were doing with the cookies, THEN we can go storming the castle with torches held high in righteous indignation.
You have obviously never met a Japanese Killer Mole!
Lots of people are saying that in the grand scheme of things, one little persistent cookie isn't a big deal. Just to give you my perspective:
I used to be a project manager for online contests/sweepstakes. Collect and win, probability games, sweepstakes etc. Big-name reputable clients.
Part of running these promotions required adhereing to 100% of the law, 100% of the time. Bonds needed to be purchased in various states and Canadian provinces, promotion rules needed to be legally approved and registered, all privacy laws needed to be *strictly* adhered to.
If a promotion didn't adhere to the law 100% or didn't follow the rules to the letter, guess who got the shit sued out of them? That's right, the company that was running the promotion, and us, the promotion developers.
So in my world, a persistent cookie means a lawsuit to the tune of $500,000.
Don't you think that the US government and it's various agencies should also comply with the law?
NSA Guy 1: Hey! Look at me! I'm installing cookies on your computer to track you! Over here! Check it out!
*NSA Guy 2 sneaks off and wiretaps you
Don't trust a bull's horn, a doberman's tooth, a runaway horse or me.
this is an organization of supposed straight-laced agents whose job is to snoop on people to make sure that they're in line with the law
No, you're thinking of the FBI. The NSA's job is to monitor communications to/from and between foreign entities that might expose potential threats to US security. Sure, some people physically sitting in the US may be party to those foreign communications, but the NSA is definitely not a domestic law enforcement agency.
but they can't be bothered to keep themselves in compliance with the law
I think we can pretty much guarantee that whatever contractor or team at the NSA's public relations office responsible for their public-facing web site has little (and probably nothing) to do with their actual operational mission. They, like all security agencies, are highly compartmentalized.
they can't just ignore it while they go about their business of monitoring other peoples' compliance with the laws
Well, they certainly shouldn't ignore the government's own rules about persistent cookies (silly as that is), but it's not like you're talking about traffic cops who don't put change in the parking meter. NSA spooks and analysts (and the thousands of IT people who make that agency work) probably don't give the operations of their public web site much thought at all. Can you imagine the hits they get from all the idiots of the world? The people they're really concerned about are smarter than to leave a trail from their PR site all the way back to some hotel room in Karachi.
Don't disappoint your bird dog. Go to the range.
While what you said is true to an extent, it's almost entirely Off-Topic. The NSA doesn't have anything to hide. A cookie is not all that amazing. It's true that cookies are a sometimes food but the fact that people get worked up over this is quite retarded.
Web browsers do. Everything a website communicates to the browser is is purely advisory, so if you don't like cookies, get a better browser.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
You said, "The NSA doesn't have anything to hide."
The NSA is a secret agency. Sometimes information about the secrets becomes available. However, you don't know what the NSA does, and neither do I, and we don't have any way of discovering.
The Slashdot story is about the NSA ignoring the law. That should give anyone the idea that the NSA may at other times ignore the law.
Let's face it. The after-Christmas week is a very slow news week, /. included. CNet News admits this, while is why they have barely updated their news site. Most people... Steve Ballmer, Google spooks, clueless legislators, even Jack Thompson, are all off celebrating and drinking eggnog with their families. Not much is going on, so news outlets turn to news that would otherwise not reported, for whatever reason.
This isn't a big deal, I don't think. What horrible things does a cookie do to your computer or Your Rights Online, even a cookie placed by the government. How horrible! Shame on them! The government placed not a rootkit, not malware or spyware, not a virus or a hard drive searcher, but an easily deleteable cookie! And oh the horrors, it was persistant!
Most people know how to delete cookies, some even know how to refuse them. Join the crowd.
This isn't a big deal if you think about it objectively. Do you really think that if you go to websites, you don't get cookies? I actually would have expected that this would be common practice on government websites, not out of paranoia, but because it's such a widespread and somewhat-minimally invasive practice used by webmasters to generate webhit statistics, among other benign things.
It's simply a minor webmaster goof, not an issue of trying to spy on people or track them through government sites. If the NSA was really trying to spy on people's computer use, they'd go ask CoolWebSearch or some other malware/spyware vendor to give them the results of their "information collection."
Here I must invoke Occams Razor: Given two equally predictive theories, choose the simpler. Basically, don't impute complex conspiracy where simple stupidity is more likely.
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
My problem isn't that they broke their own rules on the use of cookies, but that they broke their own rules. This is an Administration which has been dogged recently with allegations of potentially illegal behavior, and this is yet another sample of it. The more we let the Administration know that discovered lapses - however minor - will be reported, the more I hope they will reconsider pushing the boundaries.
Once again it prooves the left has gone completely bonkers.
I'd say it's more a statement that the current Administration has problems following its own rules - but, then, most Administrations run into that problem. Our government is designed with checks and balances, and practically everyone tries to get away with stuff. It's not that either side has gone bonkers, it's just that the side in power gets the criticism levelled on it. If they can't handle it, then they shouldn't have (a) run for office, (b) accepted the appointment, or (c) taken a government job.
Yes. It's only a cookie. That's not the point! The NSA is prohibited from doing it, but are doing it anyway. Reading my provincial hometown paper's Letters to the Editor about the illegal wiretapping issue, I expect to see nutbar responses minimizing the impact of that illegal activity. "I'm not a terrorist, so I don't care what laws are violated in pursuit of 'actual' terrorists." That's the slippery slope toward fascism, and the NSA cookie issue is just one more step. Every time the government violates its own rules and laws, it does so at the expense of your personal freedoms. This constant erosion is a death by a thousand cuts. It impacts things that slashdotters care about such as software patents and letting big business steal away our fair use rights under copyright law. Each one of these infractions allows government to become more powerful and we, the people, grow weaker. Each infraction needs to be illuminated (thank you slashdot) and punished if we are to remain free. Even those that seem minor or only effect others.
"I like to play with things a while... before annihilation!" Ming the Merciless
No, you're thinking of the FBI
;)
Dick Gordon: No, that's the FBI. We're not chartered for domestic surveillance.
Martin Bishop: Oh, I see. You just overthrow governments. Set up friendly dictators.
Dick Gordon: No, that's the CIA. We protect our government's communications, we try to break the other fella's codes. We're the good guys, Marty.
Martin Bishop: Gee, I can't tell you what a relief that is, Dick.
Fixed that for you.
Reality has a conservative bias: it conserves mass, energy, momentum...
OMG!?!? It was sumitted by Cookie Monster! He just wants all the cookies for himself! First the moon and now the NSA! When will the madness stop? ahhhhhhhhhhhhhhhhhhhhhhh
Don't know about the NSA cookies but I just went to their wwww.nsa.gov website and the first thing I saw was one of the funniest 'eagles' that I've ever seen. The eagle is draped with feathers like a kid's costume, has the obligatory stern look, a pasted-on shield covering its 'body', and is perched on a key that looks like it came out of a door from about 1910. If it wasn't on the official nsa website, I'd think it came out of one of my kid's video games. We need to cleam up all of the eagle-imagery logos used by our government agencies but the nsa one is the most cartoonish one of the bunch. If I were doing the web pages at NSA, I'd make that eagle about 4 pixels high and put it in the lower left corner instead of making it 500x500 pixels and placing it smack-dab center on the first page.
Any computer professional's complaint of spying is innately absurd.
The job of computers is to track and spy on people. They track this, track that, data mine this, data mine that, report on this, report on that, and we do it so our corporate masters can make more money. In fact, we even have a philosphical movement to build spying technology for -free-.
Here we are, a bunch of web dudes, complaining that a web site about spies uses cookies of all things, when just about every major web site also uses cookies, or, you get the same effect of cookies by playing games with the URL. You can stick the state in the URL, you can stick it in a hidden POST tag to keep it along, but somewhere along the way, we're all keeping state. Ironically, at least the cookies are most upfront about it.
We complain about the government listening in on people's phone calls without a warrant, yet, I would bet at least half of us on this board have user superuser powers on his or her company systems at one point to read another user's documents. If you are a network admin, you don't have to have a warrant to read your users' email or documents. You just do it.
We voluntarily let every detail about what we buy or sell get tracked when we purchase products electronically, but, god forbid, the government might actually keep a database itself, that's evil. Heck we write these systems. If anything, the only real concern about government spying is that we haven't gotten the contract ourselves to write the system or that it might not be written using Linux.
The solution is to not build ever more arcane systems to have things in secret, but really, we should just make everything public about anyone.
This is my sig.
Swedish media (http://www.svt.se/texttv/136.html) is reporting the cookie as being an "active cookie", supposedly tracking your surfing as you visit other sites. Headline claims NSA did illegal investigating. :)
"The Slashdot story is about the NSA ignoring the law"
Enough with the lying (or did I just get trolled?).
What law? Specificlly what federal statute was violated by their putting a persistant cookie for the NSA website? Cite US Code, section etc.
You cannot, do you know why? Because no such *law* exists. Because it was an executive order in the OMB part of the Whitehouse. I.e. a bureaucratic rule, not a law.
And aside from that, it likely was a mistake in their setup after and upgrade, not a deliberate decision. A result of ignorance or carelessness on the part of the tech staff at NSA's website (the possibility of which should be more alarming to people than the cookie!)
You do well to remember Hanlon's Razor:
Never ascribe to malice, that which can be explained by incompetence.
Esepcially when dealing with the government or any other large bureacratic organization.
You are free to ignore the facts and make up ones as you wish (looking at your links, you apparently do). But your tinfoil hat has apparently slid down and obscured your vision on this - you might want to adjust it.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
giving the benefit of the doubt, this shows that the NSA (what does that stand for?) installs software without doing a thorough code review and without checking what features are on or off.
So it begs the question what else the NSA (wasn't that the National Security Agency?) doesn't know about the code they are installing, something I would think even the rightest of wingers would be concerned about (who wrote that code and what other default settings were left in the 'on' position...).
The cookies are domain-based to the NSA site that gave them out, so this is a non story. They can only do what most businesses do - track return visitors and web site effectiveness.
Zen tips: Pay attention. Don't take it personally. Believe nothing.
The idea of persistent cookies violates some very basic tenants of the NSA.
The guideline was issued for a point of clarity for the population, but anyone who applied the NSA mission statement to their work at the NSA would see this as obvious.
Anyone at any orginization should be applying the mission statement to all aspects of their work.
The Kruger Dunning explains most post on
They use COTS products (commerical off the shelf) and most likely contractors implemented the site. Just like every other gov't dept. in existence going through a modernization effort to make "everything a web site"--as some civilian tech savvy govvies put it (ha, a misunderstanding of the term as usual), cookies were likely left on from default settings on those commerical products. Let a [inexperienced] contractor go hog wilded on a cost plus contract and he'll put all the whiz-bang features in the site, considering half of those features will likely be useful.
This story is being blown way out of proportion.
Slashdot -- News for liberal nerds, stuff that doesn't matter unless you're liberal...
... or on drugs
He's not king... just because you like him.
But as is typical for Slashdot, you got modded with insightful just BECAUSE you don't like him. This is a POLICY - which is grounds for dismissal and disciplinary actions, but IT IS NOT A CASE OF CRIMINAL LAW because IT DOES NOT INVOLVE A BILL THAT WENT THROUGH CONGRESS AND WAS SIGNED BY THE PRESIDENT! Get your head out of your ass.
I have no problem with the NSA using persistent cookies - people get so damned worked up over a file which doesn't do much more than store user preferences, visitor frequency (what's wrong with tracking user stats? Hell, even I do that on my web sites, just so my web logs have a little more accuracy), and in the case of session cookies, your session state. It's common practice on web sites and not a violation of any constitutional rights - it's just making obvious, standardized use of a technology that was put in place for that very purpose.
What I DO have a problem with is government agencies telling citizens that the first, second, and fourth amendments were merely guidelines and they don't matter any more due to case law and unconstitutional executive orders. Things like gun control (proper gun control = making sure the citizenship is well-armed to hold back a tyrannical government, and I'm ashamed to admit I don't own a single gun), illegal wiretaps (uh, Dubya, mechanisms are in place for constitutionally-sanctioned secret wiretaps. Use the secret court sessions to obtain wiretaps. Put select justices on call for such things, but don't bypass the courts, because that goes against your oath to preserve and protect The Constitution of The united States of America, which is basically treason), illegal search and siezure, and abatement of freedom of the press and freedom of political expression ("free speech" areas are bullshit, as are made-on-the-fly rules regarding sign sizes, etc. just so you can "justify" arrest of smelly hippies - as misguided as some protestors may be, they have an inalienable right to tell you they think you're a prick), and abatement of the freedom of worship)
Also: You don't need court orders to wiretap non-citizens who are here illegally. They have no rights except out of the kindness of your heart. Deport the f*ckers and encourage LEGAL immigration following legal, well-established processes. EVERYONE here is an immigrant from somewhere else (including so-called "native" Americans) so I don't believe in shutting down immigration, but to encourage people who are willing to become worthwhile members of society to come here and work.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
...if they have to reach this far to manufacture a scandal. I guess the whole "lying about WMD's" thing is losing traction when the public can increasingly see democracy, freedom of life, and freedom of speech blossoming in two nations which just a few years ago were two of the most tyranical regimes on the planet.
If you care about the truth, never take an AP story at face value. This story does everything it can to convince you, just short of outright lying, -- as it apparently did convince the OP -- that non-session cookies on government websites are "unlawful". I can assure you that there is nothing in the U.S. code that refers to cookies on web pages. The only story here is that a gvt agency published a web page that wasn't up to par with the guidelines provided for them in a frickin memo from the White House. (Although it would have been up to par if they had gotten permission first.
On the one hand this sort of story is disgraceful, but on the other hand if it makes a few more people aware of what "the media" is all about, I guess it's for the best.
You should know better than to submit (A) any "news" that could enflame anti-Bush, Slashdot rhetoric, (B) any "news" that would shed even the slightest of negative on anything related to Republicans, and (C) any "news" that could warrant tin foil hats on Slashdot. In this case, you got to mix all three!!
:)
A virtual hydrogen bomb you've created! --Whoops!-- I hope no NSA cookie picks up that I mentioned "hydrogen bomb" in a Slashdot thread.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
This may be redundant, but has anyone considered that (in the vein of "renditions") cookies could be deployed to and from servers and sites NOT based on Continental US soil?
i ng military...
I think what is really going on here is the story is a red herring, a smoke screen. The real deal is probably something like this: You visit any sites that are owned or controlled by the various cognizant agencies; their related, tributary or ancillary sites then aggregate the disparate cookies and build a picture.
Really, Carnivore, Echelon, Echevore, Carnilon or whatever the hell they first two morphed into are not just sitting around sifting legally-obtained data. If they deliberately route your packets out of the US then scan and sift or just parse for later evaluation the data overseas then, THAT could be a far more attractive tool or technique for the black ops agencies.
Probably not much the ACLU or others could say about it. I wouldn't be surprised if some of the sluggishness from my own ISP is related to massive sifting and churning through data coming into and leaving San Francisco.
But, even if "the bad guys" surf from Afghanistan with one laptop and it receives cookies, why should they care? Rag-tag asymmetrical fighters or not, they've got **just** enough funds to toss a laptop after one use. Why be dumb (and, many of them are not dumb, but are pretty careless) and reuse a trackable, discardable device? They can go to a flea market, 2nd hand store or other place and pick them up like hammers and screwdrivers. Except here, as long as they use cash, they're blowing wind across the breadcrumbs, obfuscating or confusing the data trail.
Sheesh, just think as if you're writing a suspense thriller that HAS to enthrall or engage a perceptive, discerning audience. Think Perry Mason or something back in da day when shows were crisp and tight, and had less of the ratings-sweeps bullshit formulaic stuff in them.
The solution: Fix the screwed up foreign policies; stay out of others' business; do a little check-book diplomacy; bust a cap in the ass of companies that try too much "expand or die" in countries that only fester in hate and resentment; let the "target" countries see their mouthpieces die of natural causes and let the remaining, anxious, envious kids who grow up make the decisions to join the world market; stop FORCING foreigners to "do it our way or da highway". Nooo, I guess that would take the fun and game out of making and selling weaps; would steal or abort missions from intramural gamesmen looking for an existence-justifying/trooper-hardening/skills-hon
Just some random thoughts...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
or lack of from USofA 'news' media http://www.gnn.tv/articles/2003/NSA_Spied_on_U_N_D iplomats_in_Push_for_Invasion_of_Iraq
Sorry but this is a non story. They are just cookies. When they found out that the upgrade hadn't gone according to plan, they immediately fixed it. I am more worried about their extensive wire tapping. Jesus get a clue.
Thalasar
Can you Bush haters spare the shrill accusations and made up facts for at least once!
Executive Orders are not laws. The NSA did not break the law.
As far as Clinton goes, the impeachment was about a lot more than the blow job your side spins it as. It was about an entire pattern of abuses of power that include:
a) the mysterious deaths of senior cabinet officials
b) using the IRS audit as a means to go after political enemies
c) pardoning known terrorists
d) involving the USA in Kosovo, without the consent of congress.
e) refusing congressional subpoenas for white house documents
f) deleting all of the white house email, in total violation of a congressional subpoena and numerous court orders
g) taking campaign contributions from the chinese
h) using public buildings for fundraising
Conversely, Bush has not broken -any- laws.
This is my sig.
Amazing, a website that uses tracking mechanisms to record the browsing habits of its visitors..this surely is an Earth shattering discovery..NOT
"OK now kids - let's all put on our tinfoil hats.."
In this new global war on terrorism, it is vital that the government have the cookies it needs to track and catch terrorists. Remember the attacks on 9/11 that took the lives of nearly 3000 americans. You're either with us or with the terrorists. Cookies will allow is to monitor for WMDs in rogue states around the globe. The hijackers on 9/11 might have been stopped by the use of cookies, but we will never know. Stay the course, support government cookies. God bless America and nowhere else.
Talking points: Because evidence has no place in a political debate
If the NSA were putting *anything* on computers for tracking, statistics or anything else, don't you think it would be something other than cookies? They have access to all the latest technology (including stuff we've probably never heard of - or were meant to hear of) and the best they can do is cookies?
Also, if they were truly trying to "spy" on people, do you really think that they'd let this story surface in any form? I realize that freedom of speech is granted by the constitution, but speech can't be done if the knowledge manages to....disappear.
Sorry, not a law. An executive order is being ignored. If you visit the NSA web site, and don't know how or forget to delete cookies, you are being tracked.
The U.S. government's present problems with corruption are aided enormously by people who pretend to discuss politics but in fact are acting out their anger. They haven't read any books. They haven't educated themselves, although they parrot things said by other angry people, which may make them seem educated. They make very strong statements, and they try to intimidate people with an informed view.
Who gives a FLYING fuck about cookies when they are spying on Americans with the Presidents full support.
Priorities people...PRIORITIES.
"The public does not need to be concerned that the CIA is tracking them. We're a bit busy to be doing that."
Translation: "We're actually a bit too busy data-warehousing, analyzing and searching thru all the raw IP traffic that we siphon off and copy from each and every major NSP backbone peering point router in the whole country to be bothered with unimportant stuff like looking thru our webserver logs."
However, you don't know what the NSA does, and neither do I, and we don't have any way of discovering.
1. If you want to know what the NSA does, get a job there. They're hiring. http://www.nsa.gov/careers/
The Slashdot story is about the NSA ignoring the law. That should give anyone the idea that the NSA may at other times ignore the law.
Do you speed? Ever do a rolling stop? If so you should be watched as you may at other times ignore the law.
The NSA is a large organization, with a population of a small city performing many disparate activities. You speak as if it's an individual. It's not.
You're right. It wasn't about blow jobs. It was about lying about blow jobs.
And talk about spinning. You don't even know what the impeachment was officially about. You list 8 things that it was about, none of which came up in the impeachment hearings or in the charges.
It was about an entire pattern of abuses of power that include:
a) the mysterious deaths of senior cabinet officials
Not part of the impeachment hearings.
b) using the IRS audit as a means to go after political enemies
Not part of the impeachment hearings.
c) pardoning known terrorists
The pardonings in question happened AFTER the impeachment hearings.
d) involving the USA in Kosovo, without the consent of congress.
Not part of the impeachment hearings.
e) refusing congressional subpoenas for white house documents
Not part of the impeachment hearings.
f) deleting all of the white house email, in total violation of a congressional subpoena and numerous court orders
Not part of the impeachment hearings.
g) taking campaign contributions from the chinese
Not part of the impeachment hearings.
h) using public buildings for fundraising
Not part of the impeachment hearings.
Conversely, Bush has not broken -any- laws.
LOL. Ok, pal. You don't even know what the faux Clinton impeachment hearings were about, and now... just weeks after finding out that Bush violated laws by A) maintaining secret prisons outside the U.S. B) violating the Geneva conventions concerning torture C) illegal surveillence of U.S. citizens without a warrant, in violation of FISA law and the spirit and letter of the 4th amendment to the Constitution.... you say Bush has not broken any laws.
Your "king", your bible-thumping dyslexic power-hungry boy emperor, has wiped his ass with your Constitution of the United States.
Hope you're proud.
"I have as much authority as the pope, I just
don't have as many people who believe it" - George Carlin
Privacy is a non-issue - it died in the western world many, many years ago. Open your eyes - it's not going to get any better without serious public dissent.
This breath of stale perspective was brought to you by the letters B, B, I, W, Y.
So, it's not really fixed at all since the two I received are the standard default cookies for the ColdFusion web server software.
You are being MICROattacked, from various angles, in a SOFT manner.
"You can catch hackers with out hacking yourself" Sure you can... unfortunately you need a cerbral cortex involved which I call the root cause analysis failure.
||| I still can't believe Parkay's not butter.
to track US citizen via any manner, unless specifically allowed to. Obviously there are a whole slew of law governing the exception.
This memo is a 'reminder' that it applies to cookies.
This happens all the time. A law is passed and an organization makes policy about everything that may break that law.
The Kruger Dunning explains most post on
Dude you crack me up.
a. Maintaining secret prisons outside of the USA is perfectly legal under American law.
b. Also, the USA is not legally required to adhere to the Geneva conventions for those nations or combatants that do not adhere to them either. Therefor, we could legally execute all of the Al Qaeda and Taliban POWS, if we so chose. If Al Qaeda signs the Geneva Convention, then, their combatants get Geneva Convention rights, but, they do not.
Finally, this is the text of the 4th amendment. I suggest you read it.
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
1) First off, this amendment clearly does not require a warrant for a search. It insinuates that if you are going to send a human being to break into someone's house and disrupt their premises to conduct a physical search, that you need a warrant for that.
2) A person's property is not affected by electronic wiretapping. The original message is not delayed, its quality is not altered, and the value within it remains unchanged. Secondly, the message arguably is the property of the government anyway because it is going over the public airwaves. You could make the argument that the government does not needs a warrant to read email or listen in on voice mail or even to read physical mail because as soon as the message leaves the holder's hands and uses -public- transport, it is arguably not even the person's property, so it fails the "personal effects" test of the 4th amendment.
As for shredding the constitution, reading having a gov't computer that reads email is hardly the constitutional offense that the liberal agenda has. Show me the constitutional clause or amendment that specifically allows the government to regulate the environment, create "worker's rights legislation", or even civil rights or welfare or any other left wing project. I'm not saying that some of these powers the government has are bad, but, they are unconstitutional if you take the reasonable position that the framers explicit enumeration of federal powers and explicit granting of "all other powers to the state or to the individual" means exactly what it said.
Bottom line is, there has been no worse shredder of the Constitution than the American Left Wing.
PS. If you care so much about an expansive reading the 4th amendment, try and be equally expansive about this one:
"T h e r i g h t t o k e e p a n d b e a r a r m s s h a l l n o t b e i n f r i n g e d"
Which means, again, that because Clinton signed the Assault Weapons ban, that was ANOTHER REASON for him to be impeached, for clearly violating the constitution. Whereas Bush, on the other hand, let that stupid law expire so thus restored basic rights back to Americans.
When it all boils down to it, when you look at the repeal of the gun ban, the lowering of taxes, the removal of so many stupid regulations, Bush has actually been the most freedom granting president in modern times.
This is my sig.
This is clearly a foul-up by the NSA. Malicious? Hardly.
I mean, it's just a freakin' cookie, not like it's some Active-X trojan that installs a keylogger. So the damage to those effected is pretty slight if any.
Just clear your cookie folder.
But, yes, it is a clear violation of the Feds own Regulations.
However, I could see this happening in so many other scenarios.. lots of people use prebuilt software and don't always take the time to ensure they are configured 100% correctly.
This sounds like a case of "Good enough for Government work" if I ever saw one.
The software worked as hoped, but no one bothered to see if the cookies were persistent or session only.
If this was on ma and pas webstore, no one would even think to look.
But since it's the big bad NSA, it makes headlines world wide.
Because the NSA is big and bad and... well they got cooler toys than everyone else so somehow they must be better than everone else and not able to make a mistake.
And at least in this Bush Administration, the person reporting this is still walking around a free man. For now.
Oh Its about the "LEGALITY"
Did you even read the law you were linking to ?
The legislation would prohibit federal agencies from collecting and distributing personal information on computer users who visit federal Web sites. Agencies also would be barred from working with third parties to collect such information. The ban would not apply to data that does not identify individuals or to information submitted voluntarily.
I'm going to let you in on a little secret. If you are a generally law abiding person theres much more to worry about from your neighbors who will get pissed about the weeds in your yard , the color of your house, or the fact that they want you to pressure clean a fence, thant there ever will be about the big evil gummint.
that your narrating a 'tinfoil hat' is retarded not clever. If you were going for clever, it came across as retarded.
...show me the bill passed by congress ...
FYI, not all laws are bills passed by Congress. Many Federal regulations issued by the Executive Branch carry the force of law unless explicitly repealed by Congress. I don't know if that's the case here or not.
It's simple: I demand prosecution for torture.
Yeah, I must say I was really surprised by the early responses your post/this article got. I thought /.ers were better than that! The first minutes of its life on /. seemed to get posts (or at least moderator points) dominated by people who really didn't read or understand the article and what this doesn't mean about the NSA's intentions, our security, or as you say the non-illegalness of this non-issue. Fortunately as I look at the responses now the system seems to have corrected itself and the non-tinfoil hatters have retaken control... I suppose the obvious lesson I should get out of this is that those who mod or post early are less likely to have modded or posted accurately/reasonably. It takes more time to think than to emotionally react.
Quincy
Don't vote for Eugene Papansanovich for Congress!
hmm?
"A memo. Just a memo. Not an approved and voted on and passed law. It's a fucking memo! A nice idea, a thought, a suggestion, not law.
"
Administrative memos can have the force of law, if they originate from a position of authority. Administrative authority is delegated by Congress, and laws are made by agencies, subject to executive authority, judicial review, or congressional oversight. In many cases, simply publishing a rule in the Federal Register is sufficient for an agency rule to become law. Internal policies in an organization such as the NSA are in fact, law, and since Congress created that organization and delegated authority to it, it *has* been "approved, voted on, and passed law", as you put it.
If you're unhappy with that status quo, it's something you might take up with your representatives in Congress, but in general, the system enjoys overwhelming support.
-fb Everything not expressly forbidden is now mandatory.
"What I DO have a problem with is government agencies telling citizens that the first, second, and fourth amendments were merely guidelines and they don't matter any more due to case law and unconstitutional executive orders."
Naturally, you can quote a government official making such specific claims. Please do.
-fb Everything not expressly forbidden is now mandatory.
Well... lets see...
NSA should burn because they can track your movements with a permenant cookie. This is OBVIOUSLY against a law that I'm sure ALL of us knew about beforehand, and heck, I'll bet its required reading for all web admins in all government positions.
Bush should burn because, hey, there's gotta be a reason.
Microsoft dies because their software is vulnerable to this new attack from the government.
While we're at it, any site that uses cookies should be shut down, because they might be passing information to the government.
What'd I miss...
I'd like to see a beowolf cluster of NSA-burning permenant cookies that ca--- LINUX ROXXORS!1one!
Want to find other gamers to play board and role playing game
It's nice of you to come out of your cave. Now let me introduce you to cnn, fauxnews, msn, and countless other news sources where you can catch up on everything that has gone on since September 11, 2001
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Incompetence, stupidity, and dishonesty are bad enough, but when you can successfully hide your mistakes behind a veil of "public interest" or "national security" then you have effectively liberated yourself from accountability. Isn't that what we all want?
I don't think it was a cookie, they just used that term to sound more reasonable. My loot is on a web bug, I've seen enough of them at dot gov sites.
BTW, I didn't see anything in the gp's post saying or even implying that if this happened under a Democrat administration worse punishments should be involved. In fact, he implied just the opposite, that /. would ignore this kind of stuff under a different administration.
Also, the Clinton impeachment thing has been over for some time now. You are free to get over it any time now.
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
Hi folks,
n dex.cfm?id=tn_17915
When the whole wiretapping thing came up, I surfed over to www.nsa.gov to poke around. Now that this comes up, I figured I'd see if a persistent cookie had indeed been placed on my hard drive.
So here it is:
CFID
630440
www.nsa.gov/
1536
1461092480
31957745
3729285920
29754980
*
CFTOKEN
52821618
www.nsa.gov/
1536
1461092480
31957745
3729445920
29754980
*
Looks like they're using ColdFusion. And wow! Macromedia shows you how to disable persistent cookies!
http://www.macromedia.com/cfusion/knowledgebase/i
Look guys, this is a tempest in a teapot.
You said,
"The NSA is a large organization, with a population of a small city performing many disparate activities."
This, of course, ignores my entire point. More accurately, you should have said,
"The NSA is a large SECRET organization, with a population of a small city performing many disparate activities."
How can there be democracy when the government reserves for itself the possibility of doing things in secret? There cannot.
Does anyone else see the irony in the fact TFA wants to set a cookie that expires in 2038?
qz
Hmmm, I think the press is making a molehill out of a cookie. It is cucumber time - nothing happens during the Christmas holidays, the reporters need something to report and cucumbers are about as inspiring as, well, web cookies...
Oh well, what the hell...
I too am a government-employed web developer. I find it humorous that I had never heard of this law before now though. While the majority of my work lives inside our intranet, we rely HEAVILY on cookies to insure data integrity. Our functionality would not exist without the ability to use cookies.
That said, we don't actually have the cookies expire on close. It's a courtesy to our users. Nobody likes logging in every time they visit a webpage and our users feel the same way. Nobody's ever tried to ding us on it though.
Nor have I ever seen any of the hundreds of various stock, off the shelf apps ever fit under this restriction. I personally know of two government owned/operated phpBB implementations that I have cookies for right now.
This whole thing is a scam, in my opinion. We have enough internal political problems to worry about without fearing lawbreaking on top of it merely for forgetting to pass the right date parameter to Apache::Cookie or something.
This take on the story from Wired states:
Whilst WebTrends say they're not aggregating the data across multiple sites, but we only have their word for it.
The article isn't very clear though whether it's talking about cookies/webbugs from the Whitehouse's site or the NSA's site. Nothing like a journalist to confuse you more.
You're so full of shit your eyes are brown. I've worked in various government positions that the very reason why I left for the public sector was because of grossly negligent fiscal mismanagement and the plethora of individuals who were there only because the local unions made it impossible to get rid of them.
The fiscal waste in government is enormous compared to the private sector. Why? Because the government can raise taxes and there's little or nothing that people can do about it. With business, the equivalent would be to raise prices. But if you do that, people can move to competitors. Government doesn't HAVE any competitors. In business, do you have a restriction that if you don't spend all of your budget you'll get less next year? Absolutely no. Government? Absolutely yes. That alone is the most ridiculous and fiscally irresponsible position and leads to billions of wasted taxpayer dollars every year.
So, go back under your rock and don't forget to submit your photo to Wikipedia for the "fucking clueless moron" section.
I hate the existing administration, I totally distrust our government (no matter which party is in power), I suspect that the NSA is incapable of telling the truth; and yet, somehow, I actually believe that this was an innocent screwup by whoever configured the NSA webserver.
You said, "... you know what the NSA does."
In my opinion, you should not think you know what the NSA does, or the effects of its actions.
"It's nice of you to come out of your cave. Now let me introduce you to cnn, fauxnews, msn, and countless other news sources where you can catch up on everything that has gone on since September 11, 2001"
Translation: I cannot provide a single quote.
-fb Everything not expressly forbidden is now mandatory.
the NSA cookies non-story
http://www.breitbart.com/news/2005/12/28/D8EPGENO2 .html
^^ Ironically that sets a cookie until 2038
"I can't believe the reporter is such a fucktard that he couldn't spend 2 minutes to research cookies and what they are."
Deleted