Security expert Robert Siciliano does an interview with Fox News where he just makes up stuff about cookies being able to track all your online behavior. By the way, he calls himself an “identity theft expert”. Best quotes:

“These types of cookies, they actually track the computer user’s behaviours, what they like, what they dislike, what they buy, websites they visit. These types of cookies can record usernames and passwords […].”

“Cookies’ closest cousin is spyware. Cookies aren’t spyware, but they are very close.”

Cookies don’t do any of that. They can just store a small piece of text in your browser that identifies you when you are on that website. It serves for remembering passwords and stuff like that, and it certaintly can’t spy on you.




  1. J says:

    # 62 RSweeney

    Cookies don’t spy on you. The only way a cookie can track you across multiple sites is through the use of third party cookies. This can not track your browsing unless every site you go to has the same tracking. ie your porn site habit can not be detected by the white house unless they are both running the same tracker.

  2. noname says:

    1st, congratulation Cherman, you have created the classic STRAWMAN Augument.

    I can’t believe how gullible Americans are to this simple and very common deception.

    The point of this news cast was the government is actively working on tracking internet users.

    You have to be very, very naive/stupid if you don’t believe NSA computers are not reading and flagging emails with certain keywords.

    You have to be naive and stupid if you think NSA doesn’t Tap into Internet Trunk Lines.

    And last the picture above is of Judge Andrew P. Napolitano author of “In A NATION OF SHEEP”. He exposes how the feds have circumvented the Constitution and is systematically dismantling American rights and freedoms. He challenges Americans to think and realize that they are being led down a very dangerous path and that the cost of following without challenge is the loss of the basic freedoms that facilitate our pursuit of happiness and that define us as a nation.

  3. qb says:

    I always enjoy how the wingnuts will claim that US government is incapable of running trains on time in one breath and are secretly managing a vast surveillance network in the next.

  4. bobbo, not caring a whit says:

    #66–qb==I can imagine a very large organization with many different departments staffed by different people with different rules, funding, oversight performing in quite different fashion.

    Why can’t you.

  5. itx says:

    Allowing a cookie is the same as allowing any remote user. The tracking site has to be allowed to read the index to see if they already set a cookie (or more – I have 8 different cookies from virginmobileusa,) so the tracking site can easily a list of where else you’ve been. They’ve also been given permission by you to read ANY file on your computer that’s not in a passworded folder, because that’s how Windows and *nix work, so if they can figure out the shorthand of the content (have you used a hex editor on your cookies lately?) they can know all kinds of stuff. Did you notice that paypox includes your REAL NAME in their cookie?. And just like flash cookies (which, by the way, are mirrored into two folders) they can write to ANY folder, not just the one conveniently called cookies. I have my flash folders disabled so they NEVER write any, therefore no tracking during the session and no need to flush. It took me several tries to make that work while not disabling «Flash» / “Creepy Old Perv!” And don’t blame me if you’re too young to get that reference!

  6. deowll says:

    # 15 I don’t know about Billy-Joe-Jim-Bob i Hillbillyville, Tennessee but this old Tennessee boy added a plug in to Firefox that took out over 500 flash cookies the first time I ran it and about four or five more every later time I use Firefox and close it.

    You want to show the world how ignorant you are, just keep posting.

  7. deowll says:

    I guess I could have been clearer. I don’t think anybody put even one of those cookies there to make apps work across multiple domains.

    They were gathering data which is a commodity bought,traded, and sold.

  8. jccalhoun says:

    when is dvorak going to get someone to fix the url handling in the comments? It isn’t wordpress. My blog is wordpress-powered and it handles urls with www in the front of them just fine. There are also other commenting systems that can take over for wordpress like disqus, js-kit’s echo, or intense debate.

  9. meetsy says:

    cookies can give you swine flu and they know if you’ve been vaccinated or not.

  10. Cursor_ says:

    Look if you really want to surf the web and not be easily detected you have to change your habits.

    Start with downloading TOR and installing that. But be warned using TOR is going to slow you down to dial up speed at times. But at least it obscures you more.

    Get TORButton for Firefox. It is far easier than having to troubleshoot how to get other browsers running it.

    Get into the habit of running your browser off a thumbdrive that is encrypted. Dump all the cookies, cache and flash cookies every time you close your browser.

    Never go to sites for personal banking or other information while running TOR. Make the TOR surfing your main way of getting to sites you don’t want to have tracking you. Instead keep a copy of Firefox for your public browsing. But keep dumping all information including session information. Yeah it means you must type every single time your user and pass for every site that you have personal data on, but hey you want to be safe right?

    It will take on average three weeks to get into the habit. Once you do you should be a whole lot safer and more anonymous than you were before. There is no perfect hiding. But these habits will go a long way to help you stay hidden.

    There are stronger forms, but that entails a lot of proxy servers being run in other countries so you can bounce through them to surf. The speed again is an issue and so is the cost. But if you want that, place at least one in Taiwan. There is no current extradition treaty with the US (if you are a US citizen). Therefore their government turning over a sysadmin would be very rare. Other good locations with high tech availability are Indonesia and Andorra. Most of the others are either spotty for the net or have too many issues with westerners. Or in the case of China not trustworthy.

    There are many people that live in bad nations that must proxy or surf anonymously as a rule of thumb because their governments are watching or blocking them. So this is common sense to many who live under their government’s opression.

    Cursor_

  11. J says:

    #68 itx

    Almost everything you said is absolute rubbish!

  12. qb says:

    #67 bobbo, not caring a whit

    I can imagine a lot of things, such as killer bunnies with chainsaws. It doesn’t make them likely or real.

  13. johnhattan says:

    I just twittered that this Siciliano guy is an asshat with no credentials, and he started @replying me back defending himself, claiming that his statement is putting things in “perspective” for the masses.

    JCD, you have GOT to invite this guy on your show. He’d be a bigger train-wreck than that kid who walked around with a webcam taped to his head.

    And he’ll probably bring his own microphone!

  14. John Smith says:

    What people don’t realize is that companies use cookies to track what people do on that particular site. Seems harmless, but then the information is sold to companies who compile and link such information.

    Yes cookies only work to identify a user throughout a particular site, but by working across sites and compiling this information, advertisers do track more than you want.

    Ie: time accessed page, time left page. Two sites share the info, make connection between two users. (ie, between google search, and a site using google ads).

  15. noname says:

    Cookies are safe and Cookies are particularly good with milk.

  16. Sai Kai Lee says:

    Third party cookies that get pulled from advertising sites CAN track where you go on the web, and more.

    Cookies lie somewhere between the ridiculous extremes of “totally benign” and “track everything you do”. Just like most things in life.

  17. bobbo, quibbling is for losers says:

    #76–qb–you can imagine killer bunnies with chainsaws? I can’t. But then my days are not filled by watching and believing the Cartoon Channel.

    Sorry to have used a colloquialism you could quibble with.

    Dolt.

  18. qb says:

    #81 And the real world is simple. 😉

  19. bobbo, I really hate to say this but says:

    It depends on how you define simple.

  20. FRAGaLOT says:

    Doesn’t foxnews.com use cookies?

  21. Timuchin says:

    That’s it! Try to rally the liberals and leftists by getting them to hate the same target. You need the unity to restore Democratic party cohesion. Otherwise they will hate each other and destroy the Democratic party.

    Is the Democratic party a hate group?

  22. J says:

    #80 Sai Kai Lee

    They can only track you on sites that they have trackers on. They can not track you if you go to a site that doesn’t have their stuff. Site A can’t track you to Site B unless Site B is using the same tracking cookies.

  23. Rick Cain says:

    All these advanced cookie tracking methods can easily be bypassed by the wearing of a tinfoil hat.

    Works for republicans, it can work for you too.

  24. This Siciliano character is me:).

    johnhattan said, I just twittered that this Siciliano guy is an asshat with no credentials, and he started @replying me back defending himself, claiming that his statement is putting things in “perspective” for the masses. JCD, you have GOT to invite this guy on your show. He’d be a bigger train-wreck than that kid who walked around with a webcam taped to his head.

    John, a mans words in a public forum make up the base of his character. You certainly have character.

    Its obvious in this post that the originator of the post took much of what what said out of context only to spark a Perez Hilton like assault. You should be proud of such a profound rag with journalistic integrity. Those who actually watched the clip and understood its premise thoughtfully and correctly fleshed out the actual meaning of it and made sense.

    First, Ive never claimed to be anything I’m not. I know more than 90 percent of what the the masses know and less than 10 percent of what the experts know. My game is personal security as it relates to violence and identity theft prevention. And before you all go demonizing a simple 3 minute talk, I was being objective. I was helping the commentator sort this out. I was talking about what privacy advocates fear, not myself. I’m no privacy advocate. Requests to appear in front of a nationwide audience of non-techies generally requires to the commentator to associate an unknown with a known. Most people dont speak the tech language and need something to associate with. I specifically said that cookies aren’t spyware. “They are spywares closest cousin.” Which is what privacy advocates fear. Not me. It may have satisfied you all a bit more if I said spywares 10th cousin, but when you are in this environment and the clock is ticking, sometimes one forgets all their talking points or things don’t always come out exactly correct. So forgive me, forgive my offspring, and forgive the non techies for not knowing what you know.

    Further..I made an analogy that provides perspective to an audience that otherwise has none, pointing out what “privacy advocates fear”. I could give a crap that cookies are in govt websites. I love cookies. Makes my life a lot easier. And their yummy. The ACLU and the Electronic Frontier Foundation are the ones freaking out and maybe suing, not me. I was explaining their concerns, not mine.

    Thanks for this post, thanks for setting the record straight and thanks for keeping me and everyone else honest.

    Feel free to subscribe to my blog, follow me on Twitter and continually pick me apart like the National Enquirer does every public figure. I promise to give you something to bitch about.

    Robert Siciliano CEO IDTheftSecurity.com

  25. Steve R. says:

    The Fox news “interview” was nothing more than a hysterical red-herring concerning the potential for government intervention. It amazes me how Fox news whines about the the government invading your privacy but then is totally silent on private corporations that invade your privacy.

    If our nation is based on equality before the law, private industry should be condemned for its inappropriate actions too. Cookies, no matter where they are left, can be used to track our actions on the internet.

  26. b. brooklyn says:

    I’m not a cookie expert by any means. But that fact that it is so easy to track what a person is doing or has done online these days is kind of scary. I’d like to hear it from people who are confirmed government website experts. You can’t believe everything you read.


0

Bad Behavior has blocked 18334 access attempts in the last 7 days.