Slashdot Mirror
Logged In or Out, Facebook Is Watching You
kaos07 links to this ZDNet story, according to which "Researchers at software vendor CA have discovered that social networking site Facebook is able to track the buying habits of its users on affiliated third-party sites even when they are logged out of their account or have opted out of its controversial 'Beacon' tracking service. Responding to privacy concerns, Facebook has since moved to reassure users that it only tracks and publishes data about their purchases if they are both logged in to Facebook and have opted-in to having this information listed on their profile. But in 'extremely disconcerting' findings that directly contradict these assurances, researchers at CA's Security Advisory service have found that data about these transactions are sent to Facebook regardless of a user's actions."
Only if you have a Facebook account.
I'm shocked that you're shocked. Or even expect me to be mildly surprised that this is happening.
The only difference is that this is supposed to be a larger company and therefore better than the millions of smaller opt out pipe dreams out there?
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
Or at least your Facebook cookies. Problem solved.
"When information is power, privacy is freedom" - Jah-Wren Ryel
I'm not too worried about this because I have never bought anything from their third party sites, and millions of people use Facebook. I don't think that it's likely that if you are going through this that you will find someone you were looking for and be able to spy on their habits.
Please visit http://www.mederbil.com/ i7, GTX 275, 4 1TB Caviar Green in RAID 0+1 array, EVGA X58 3X SLI Board, Silver
Privacy policies and regulations are never taken seriously. State Farm, for example, releases clients' information to whoever asks for it.
http://statefarmwoes.blogspot.com/
The title has a built-in "In Soviet Russia joke.
Face your daemons!
Can someone sue Facebook for this, considering they're doing exactly what they said they wouldn't do (or at least that's what it looks like)?
"16MB (fuck off, MiB fascists)" - The Mighty Buzzard
Why people continue to use services like this. They are riddled with bugs, security flaws, loopholes etc.
Besides, who cares what you ate for breakfast?
"Facebook is able to track the buying habits of its users on affiliated third-party sites even when they are logged out of their account or have opted out of its controversial 'Beacon' tracking service."
I should have known there was a problem when I was signing up and saw this:
[ ] Opt out of Beacon(tm) on-line tracking when logged into Facebook; opt in to Lighthouse(tm) on-line tracking when logged out of Facebook.
The enemies of Democracy are
Venial - violating privacy
Mortal - lying about it
Crime against humanity - covering up the lie
Let's hope they stop before they get to the latter.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
browse with telnet people - or use something close to it, like lynx or w3m. personally using opera here, but now that i'm aware of this i think i'll clean my cookies before buying anything.
Why UNIX?
This is an outrage! How DARE they try and sell me things! This is almost as infuriating as Vons/Safeway and their "club card", tracking my purchases to try and "Better serve me". Horsefeathers! The fact that the products I want are in stock at any given point is PROOF that they've been using my spending habits to PREDICT MY NEEDS, which goes against everything I believe in.
When I say I want a free social networking site, it's not good enough that I not be billed directly for using it. The company hosting it must be desperately trying to sustain the bandwidth and CPU time for my constant page refreshes. At no point should they be even breaking even, let alone PROFITING from their service. Information wants to be free! Down with Big Brother! Doublethink! Free as in beer! ...What else... Oh! And my cell phone bill is too high!
So the article (yes, I read it) only mentions 3 affliated sites. Does anyone have a list of all Facebook Affliated sites? While I don't use (and never will use) facebook, other family members do have facebook accounts. I don't consent to have my information sent - could this be a liability for Facebook should someone decide to make it a large issue?
Facebook is currently affiliated with the following sites:
* Art.com
* Blockbuster
* Bluefly
* CBS Interactive
* eBay
* ExpoTV
* Fandango
* Gamefly.com
* Kiva, Kongregate
* LiveNation
* Mercantila
* NY Times
* Overstock.com
* Redlight Mgmt
* Seamless Web
* Six Apart
* STA Travel
* TheKnot
* Travelocity
* Viagogo
http://www.facebook.com/help.php?page=57
The first bloody Google result |: |
http://www.google.com/search?hl=en&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=facebook-affiliated+sites&spell=1
"When information is power, privacy is freedom" - Jah-Wren Ryel
TFA's source indicates FB gives their affiliates javascript to include in the page that connects to a FB server for cookie exchange. Pretty sneaky. I wonder if google does something like that with google analytics.
Your friend has invited you to use the application "Big Brother", would you like to add this application?
Would you like to be a Vampire/Pirate/Zombie instead?
It would be nice to have a well-publicized, up-to-date list of those affiliated third-party sites, so buyers could ensure that they shop elsewhere.
As for Facebook's lies...I wonder if their dishonesty amounts to fraud? I bet the right judge would allow substantial penalties for that kind of deception. It tends to make the sheep restless while they wait for their shearing.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
My Facebook account is linked to my school email. I only use the school email for Facebook. I use different emails on the commercial sites.
Wonder if they can track me.
Blar.
Also, here's the actual CA article.
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
Amazon.com does something similar with their website ads. I search and buy a lot at Amazon.com, and their ads on other web sites (I've noticed it at crooksandliars.com, at least) apparently read my cookies and display item suggestions that are the same or similar to items that I've searched for or purchased at Amazon.com. It doesn't matter if I've logged out of my Amazon.com account, closed and restarted my browser to clear out any active cookies, etc, the targeted advertisement results still come.
I just wish I could delete my facebook account. It's actually close to impossible, first you have to delete all your information (wall posts, friends, etc.), and then they'll delete your account. Very, very time consuming. But I doubt any of that info is REALLY gone.
TFA's source [corrected] indicates FB gives their affiliates javascript to include in the page that connects to a FB server for cookie exchange. Pretty sneaky. I wonder if google does something like that with google analytics.
Corrected Link! This is why one should not slashdot before one's midday coffee. Please mod parent down, or something. That's a very small server and it will die.
It was already posted on Slashdot. http://yro.slashdot.org/article.pl?sid=07/12/03/0656205 That's two dupes in a row guys! Care to go for three?
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
Let's see, what do we call it when someone follows someone around to see where they go, their tastes, who they know, etc, etc.
Yeah, that's right, it's STALKING!
When you restrict those activities to the internet, it's cyber-stalking.
Why is stalking suddenly OK if you're trying to sell stuff? It certainly doesn't feel any less creepy to the person being stalked.
The fact that these things are done in secret and too often in spite of public denials tells me that they know at some level what they're doing is unwelcome and wrong.
If they want to cyber-stalk in exchange for a free service, then it's not REALLY free, it just happens to have a non-monetary price. Let them be honest about the price and then the users can decide for themselves how acceptable the deal is.
You track information on Facebook!
Hehehe I love the ones that make more sense in Soviet Russia mode :)
"When information is power, privacy is freedom" - Jah-Wren Ryel
If an online community is large enough, there will always be some huckster out there wanting to exploit the masses somehow. In this case, it sounds like consumer surveys administered for free, without consent and without knowledge. This is unethical on many levels.
The game.
This issue was discussed to death back when Beacon first lunched. It's impossible for the Facebook javascript on third party sites to know if you have opted out without communicating with Facebook's servers. Facebook is always going to have to receive data. The question is do you trust them to not store it? If you are that paranoid just block the facebook beacon URL from loading. Problem solved.
I find, that Facebook has gained a lot more attention, at least globally, than most other social sites has ever gotten, especially regarding privacy. Since major corporations have roasted on the lack of knowledge of their users regarding their own privacy for years, since I myself is a walking case of turbo-paranoia. I for one welcome this wide spread paranoia about the intentions and possibilities of Facebook and the people behind.
It's all fun & games until someone loses the game.
If you want a vision of the future, imagine a book stamping on a human face - forever
Facebook Users have been very quiet of late. Where are the good old days of protest and people power? A year ago, a lot of teenagers with a strong sense of priorities and a social conscience would have fought Facebook to the death on this (rather than, you know, something trivial like Human Rights in China, or the UK). Where have you all gone, you Young Pioneers!
Was it like this when the Germans bombed Pearl Harbor? No!
Fight, the noble fight! Save Facebook for the rest of us! It's far too vital to our very existence to be allowed to be destroyed by cynical, shallow individuals!
Glad I don't have a facebook account
Technoli
I've often thought about the various people who have made a fortune or are about to make a fortune from online properties.
Jason Calacanis, Kevin Rose, the Flickr people, etc.
Usually I think to myself, that's awesome that these people were able to work hard and see their vision to the end and make a living from it.
When I think of Zuckerberg, I think the exact opposite. Fuck that guy. I've always felt like he sleezed his way to where he is, and stories like this only reinforce that opinion.
(prepared to be modded troll...)
Name...That...Autocomplete!
A program needs your permission to continue.
If you started this program, continue.
Big Brother 1.0
BigBrotherSoft Inc
C:\Downloads\BigBrotherSetup.msi
Continue / Cancel?
User Account Control helps stop unauthorized changes to your computer.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Fucking beacons I hate em!
Use CookieSafe. It's like NoScript for cookie management. https://addons.mozilla.org/en-US/firefox/addon/2497
I got pretty nervous when stuff I rented from Gamefly was automatically posted to Facebook. I don't need "Don has rented BMX XXX" on my ticker. Not because of the nudity, but because its a horrible game in general.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
This morning I logged into a Gmail account that I use exclusively for certain Google alerts. The address has never been used otherwise. I found a bunch (20-30) of "new friend" notifications from Facebook.
Turns out someone tried to create a Facebook account for my Gmail address (the account name isn't terribly obscure.) Of course, they couldn't 'verify' the Facebook account for lack of access to the Gmail account. Nevertheless Facebook dutifully listed this new account such that random bozos could befriend it. So, you may go to Facebook and associate any public name with any email address you wish and Facebook will stick it out there for the world to see before any level verification has been performed.
I canceled the Facebook account (for some Facebook defined value of 'canceled') but nothing prevents someone from reestablishing it. I've had nothing to do with these dinks; they have no respect for your information or wishes. 'Eyeballs' is the only metric they measure and if exposing you and yours makes more eyeballs then you're getting put up.
Lurking at the bottom of the gravity well, getting old
They also can only track you if you use a computer!
The date on this article is 04 December 2007 05:22 PM, are we sure the concerns raised here weren't dealt with already? ...not that I'm a huge Facebook fan, but if I were to leave Facebook I would have to give up administration of the United Cabin Dwellers Federation. Although I hear leaving can be difficult...
"You can't win. You can't break even. You can't quit." -A. Ginsberg
After seeing how many gmail contacts had facebook profiles (using friendfinder), I created an account. Regardless of the fact that when I entered my gmail account information there is a notice that states: "We won't store your login info or contact anyone without your permission." EVERYONE in my address book got notified that I had created an account. I only figured this out when I didn't add any personal identifiable info into my profile and still got invites. It was still a blank profile, and after IM'ing one of my friends that invited me to connect to them, I found out he got a "your friend joined" message. So much for NOT contacting anyone without my permission facebook!
I promptly closed the account. I'm sticking with linkedin.
....when I thought about all the privacy risk potential for that oh-so-wonderful website known as facebook. I balked at the idea of using my real name on there. The site seems to be nearly useless if you have no friends who are already on the site. There's options for putting in your home address & phone number, and about 20 other things a website honestly doesn't to know about you.
Now it's expansing. Makes me wonder why all the people who loved facebook yet hated myspace think so highly of this site. Yes, I use linkedin.com and my real name on there, but that's for job hunting prospects & checking out recruiters. That's different, for in the corporate world I do use my real name.
Well now they know the shopping habits of 16 year old girls. I'm sure that will yield great marketing gains
Does what happens in the Facebook stay in the Facebook?
http://www.youtube.com/watch?v=wogtTQs8Kzw
How is the merchant site able to read the user's facebook cookie? I thought this was a security violation.
Google is the web marketing power house. If you visit a site, like say slashdot.org, you'll notice that your browser automatically downloads stuff from google-analytics.com. What this is is user tracking software to track every page you visit on that website. The website (in this case slashdot) then can access a detailed report of visitor tendencies on the website. They've even got fancy charts to show you (the website owner) on average how long a visitor stays and which pages that visitor viewed before leaving.
If you don't want them to track you this closely, you can get firefox along with noscript and blacklist google-analytics.com. The website owner will still have logs of your ip address but it is much harder to come up with an accurate picture of what you're doing from web server logs.
... that information transmitted does not equal information retained? I know that most people are cynical, but let's try to be trusting for once.
It seems to make perfect sense to me that Facebook would give affiliates a simple JavaScript that reports the information back to Facebook, and then the decision whether or not to retain the information happens on the Facebook server, rather than at the browser level. Don't jump to conclusions before you know exactly how the system works-- if the data isn't retained, it's essentially equivalent to it not being transmitted at all.
Especially when our employers pay for our continuing education. What's that? Sounds like job security :P
Blar.
I look at it as a way to stay connected with people I care about (and that means having a good real life relationship with them).
I have about 15 friends on my list and some of those friendships go back 30 years, some live on the other side of the country. It's only those people who actually see anything other than my name, since I've set my profile to private.
Yes, I suppose I could just email them with updates about my life, but much like the Christmas newsletter my mom used to send out once a year to everybody, it's just easier this way and everybody gets the same information.
I don't place anything embarrassing WRT me or any of my friends, just simple information about what's going on.
Well, OK, I admit to playing Scrabulous a bit too much :-)
In Soviet Russia .
You watch Facebook ..
Oh, wait ... WTF !!?!?
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
I thought all this Beacon nonsense had been worked out. I have a facebook account that I don't post much on but it's literally the only way some people contact and plan events anymore of my generation. I bought a ticket to the wargames screening off Fandango and all of a sudden it's posting my purchase to Facebook. I was under the assumption you needed to opt-in to beacon now, I was sure wrong. I dug around and finally was able to turn off this "feature", they don't go out of their way to make it easy.
no txt
What might have royally pissed off others was that when facebook asked for the new member's valid email address, it implied or outright expected them to provide to the f/b interface the VALID PASSWORD OF THE VALID EMAIL ACCOUNT.
This royally inFURIATED me. All they needed to say was Give us your valid email of choice, and reply within 5 minutes of receiving it and supply the code we give you, or you'll have to redo this and still try within 5 minutes to validate yourself.
They had NO f*cking business structuring it in such a way that MILLIONS of users would blindly or hopelessly supply their gmail, yahoo, msn, and/or other passwords through a facebook conduit.
Can you IMAGINE how much snooping could be done if facebook were compelled by law or court order to submit subscribtion/memberhship application logs to various agencies that don't want to actually leave traces of intel-snooping? All they have to do is notice whether or not the user is online or not, then log in as them, quickly look at non-viewable things, then log out. Only if friends and bots are somehow tracking friends login/logout activity can anyone be tipped off that something might be amiss.
Even without the conspiracy theory stuff, facebook should NEVER have culled or duped people into giving facebook their other account's passwords, nevermind the fact that there are other means by which other parties could steal or surreptitiously obtain a targeted user's password.
I cannot remember what I did to foil that frackin' attempt, but I think I did foil it.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
And this is only one example. It seems to me that there are too many business that are taking advantage of the average "I know what Im doing because I use myspace all the time" kinds of users. Facebook, google, myspace, these are all things that from the early days I warned people were dangerous. I even fell into the trap and created a myspace once, with no correct info, but even with just a real picture of me, it made me nervous. What I've concluded (quite obviously)is if there is a internet service out there that is free from a large corporation, odds are that they are doing something fishy. This is where learning how to have alternate identities online comes in handy. I personally have been having a harder and harder time with this as I grow in the tech business. Its hard when people expect your email to be firstname.lastname.social@mybusiness.com. So what should the solution be then? Well, I dont know, but I do think that better regulations on pre-service registration disclosure (and not in tiny text EULAs) would help a lot. Also, as always, punishments for mis-leading deliberatly consumers. Just my -2 cents.
"It's ok, I'm completely secure as long as my iron is off"
In short, soviet russia is a joke.
"WhereEVER you GO, whatEVER you DO, whatEVER you're THINKING about, I'll BE WATCHING YOU!"
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
So did the original owners before Mark Zuckerberg stole it from them. Now I'm not saying that he's out to steal the stuff you buy but...
http://www.youtube.com/watch?v=cLQiTzs8PQ4
Welcome to 2007.
What part of "separate" don't you understand? I do things with people who know me IRL with my real name.
The people who know my by my internet name know ONLY that, so they don't have the information to add that kind of tag.
And the two sets are disjoint.
I'm not the GP poster, but it's not as hard as you think. You just have to avoid giving out too much information. Most people online don't care who you are.
With the NoScript extension for Mozilla Firefox you can block sites from loading JavaScripts.
So example, if you goto eBay, it cant load JavaScript from Facebook.
* http://noscript.net/
Also in Firefox, you disable cookies for sites which you have not explicitly allowed.
Im not sure im following, but I think you mean the "Add Friends" thing? Where you add your e-mail, and that e-mails password so it can log into MSN/Yahoo/Gmail and pick up your contact lists?
If so, I completely agree, I found that terrifying actually, talk about mining, they must have millions of users real e-mail and passwords for multiple chat and networking clients. Which means they could possibly know everyone you talk to online, and then six-degrees of separation.
It asks you to do that just after you "establish" your account, at least it did a year or so ago, as if it was mandatory almost, I think I just killed my browser to get out of it...Fuck That!...
Frankly, I despise Facebook with a passion, however, that doesn't stop me from having it on my SpeedDial, and visiting it multiple times a day, but its limited to random information, and I don't add any "Apps".
Plus the fact that its Google Indexed, you can search for -Your Name- in Google (among other search engines) and find your own Facebook Profile even if yours isn't participating (ie you didn't Opt-Out) in the indexing nonsense because surely at least one of your contacts has that enabled. Try it, "Bob Smith" if you have a Facebook account it'l probably show up in the 20 results of Google, especially if you have a unique name, or you added your middle name etc.
I clear my account (strip all information) then Disable it for a few weeks ever 2 months or so, till its been removed from various Indexes, then added shit again... sorta like a sick game of hide-and-seek.
You pulled a fine troll there, kid. Some people got suckered in and you can consider yourself a success. Now move along and let the adults talk, ok?
Maybe you can go play at digg with the other 12 year olds.
http://www.facebook.com/group.php?gid=16929680703
I am pretty sure that it was when I initially subscribed.
But, I almost NEVER input my friends' REALL e-mail. FUCK THAT. It's just another lazy-assed, surreptitious harvesting opportunity. I search for my friends by name, or find them in other friend's profiles. If I cannot find a friend without their e-mail address, I give up. Or, I call them, tell them MY e-mail, and let them decide whether or not to tell me/add me, or put themselves on a social site.
Way too many thoughtless/un-thinking people unmindfully add their contacts lists of people who might have been TRYING TO STAY OUT of the marketing mechanism.
I wonder, though, if there is or will be a Do Not Harvest & Retain Me list, compelling facebook, myspace, et al to purge all public/blog/post references. That could really piss off some advert types who "just want that fucking contact info, no matter what"...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Eh? That's optional. You can 'add friends' from your address book. You don't have to do it -- but it's kind of logical that if they want your address book from your email provider, they need to be able to access your account, yes?
Anyway, it was pretty clearly marked as something optional you could do to find/invite friends.
I used to think the same way. It doesn't matter, though...no matter what you or your friend's intentions, some idiot is going to tag a photo with your real name, address, email, etc on a public forum like Facebook. You don't even have to have an account there to be identified in the most public possible way. Just hope it's a photo of you at your best. It's a public life, and we did it to ourselves--didn't take a government or nothing to get us to install a two-way TV like in 1984.
but have you considered the following argument: shut up.
so when u get internet.....
u think u can't be cracked?
c'mon.....
if u r afraid of it....don't try
just say bye
when u r into it......just play it and get hands-on
Would it be possible to build a browser extension which automatically sandboxes facebook, so the cookies are trapped and can't be used for this tracking?
Now everyone will know I buy banana-flavored lube!
http://cafepress.com/spankymm - for the Masturbating Monkey in you!
I wonder if I would get blocked by facebook if I started posting anti-facebook, articles such as this and many other I read online.
This is very very very old news -- article is from 04 December 2007 05:22 PM and since that time Facebook already came out and made changes so this is not the case.
I'm constantly amazed about how people will post private information in a public place (thus making it public information), and then complain about how they are being robbed of their privacy.
My problem with Facebook wasn't the information I gave them. All I gave them was an e-mail address, my university, and confirmation when a few close friends told them about our friendship.
My friends, however, subsequently gave them numerous additional bits of data about me without my knowledge or consent. Of course, this wasn't done with any ill intent; for the most part, it was probably done without a second thought. However, within a few days of my joining, Facebook not only had the identities of many of my friends (obviously), but also pretty much everything from enough information to work out my home address and car registration to a fairly complete record of my movements for the past few weeks. I cancelled my account very soon after this pattern became apparent, and asked that my friends no longer post anything relating to me on there.
This is the problem with Facebook: its entire modus operandi is to make other people provide information about you. And as anyone who's been a victim of identity theft (or just shafted on-line by a jealous ex) can testify, there's pretty much SFA you can do about that until it's far too late to make a difference.
Oh, and the other problem that they don't know what the word "delete" actually means, as in, "delete my account" not "flag my account as hidden but keep all the personal information about me in your database anyway".
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Remember what you read when you signed up?
"We may use information about you that we collect from other sources, including but not limited to newspapers and Internet sources such as blogs, instant messaging services and other users of Facebook, to supplement your profile."
Why is it that only people that don't use Facebook know that it is a datamining operation setup by the outsourced CIA, namely In-Q-Tel? Tell that to a Facebook person and they think you are one of those tin-hat wearing types. Ho hum...
someone actually cares about my personal information. Thanks FB + affiliates, you make me feel warm and fuzzy.
Modding me -1 troll doesn't make me wrong.
fuck, you're right
When a Facebook user takes a Beacon-enabled action on a participating site, information is sent to Facebook in order for Facebook to operate Beacon technologically. If a Facebook user clicks "No, thanks" on the partner site notification, Facebook does not use the data and deletes it from its servers. Separately, before Facebook can determine whether the user is logged in, some data may be transferred from the participating site to Facebook. In those cases, Facebook does not associate the information with any individual user account, and deletes the data as well.
- Chamath Palihapitiya, Facebook's Vice President of product marketing and operations
...and so facebook has my university email address. I don't use it for anything else besides facebook and school-related things, so I don't think they will be tracking me by my email address.
Ad Muncher will block facebook beacon in all browsers right out of the box.
Problem solved.
www.admuncher.com
I've looked at this list, and have made a startling discovery....
I've NEVER visited ANY of these sites.
Oh, and I'm not on Facebook, either.
I wonder if the privacy issue extends to affiliates of the affiliates?
This kind of stuff will sink them. They can't even use the info you *do* volunteer correctly to target ads, and they are trying to sneak around and get data that you *don't* volunteer... hmmm
So, assuming that you are not actually logged in to Facebook, how does it know who you are? I have a Facebook account that I created for my job (we wrote a Facebook app a little while back. I have exactly one friend (a co-worker) and have not logged in to the site since. So how do they still know who I am?
If I don't put anything here, will anyone recognize me anymore?
Optionally, you could always simply live your own life and not bother with a Facebook account. My wife uses one to keep in touch with cronies past and present, but I find it disturbing to see the shenanigans that she has to go through to avoid becoming a buzz-bar between her various acquaintances, who (being predominantly female and possibly more or less human ;-)) do not necessarily get along with each other.
Simpler by far to stick to email/skype/SMS/whatever, thus shortening the chains of personal interactions and not have your own time swallowed up by Facebook.
OK, I admit I am a confirmed wearer of tinfoil hats...
/dev/null, thus ensuring that nothing persists after closing the session.
But I have never felt it really necessary to leave persistent cookies lying around, as I have never been totally convinced that they are entirely immune to being read by unwelcome parties.
I know modern browsers (at least FF, Safari and Opera, and I guess probably IE) usually have an option to allow session cookies only, but I am still in the habit of forcing this on Linux and Mac boxes by symlinking my cookies.txt (and now cookies.sqlite) to
In the brief spell when I used Windows boxes, I simulated this effect (this is when Netscape was the norm) by creating a directory called cookies.txt in the appropriate place, which had an approximately similar effect.