Computer Genius Blog :: aka “TheGarage”

Cookies are out of control. The use of cookies should be addressed in the
pending  anti spam bill. Its not the govt tracking us, it is the marketers.
 98% of the cookies on a person’s machine are for tracking the activities
of that person. I don’t like it. Why? because if the data exists, the government
can access it. Either surreptitiously, or by judicial process.

What can be done about it? The internet explorer settings to me are not
adequate. As a matter of fact, they are worthless unless you do absolutely
nothing on the web.

You see, cookies are crucial to the operations of web sites that do not
require the visitor to identify themselves. Without access to a cookie
that the website owners know about, they have no way of knowing who you
are, thus cookies.

Lets face it, cookies are designed  and promoted to give casual web
surfers, e.g. consumers, the feeling of anonymity when anything but is
the case. What used to be a clever trick to track event states in a stateless
environment has been shanghai’d by the marketer’s. Consider this:

id
17172953481370776 bb=K1K_oKt4Qw"Q_to|K4owR4t4R_oA_to|4_R_1wt4woAwoto|4wK"owt41R4K"to|KK1o"Kt4Ro1__to|KK1o"Kt4R"oQwto|K4owQ4t4""AA1to|K4owQwt41_RQoto|

bluestreak.com/
0
4088853888
30337997
1813684640
29603785
*

I cut and pasted that directly from a cookie.txt file. What the fuck is
up with that? Each of those values that look like garbage are tokens that
stand for something else. They identify a piece of information about user
with ID 17172953481370776. That’s me.

Here are some ideas I have about regulating cookies and marketing research
on the web:

1. Do not allow site trackers to aggregate stats for users across discreet
web sites. I simply do not want to be profiled by someone unless I get
to profile them in return, in person.

2. Require short expiration

3. require plain text for cookie property values

Here is another good one. What is up with this:

UNIQE_COOKIE_4134
&UNIQE_COUNTER=0&UNIQE_DAY_DATE=&UNIQE_MONTH_DATE=&
dpus.checkm8.com/
0
257962112
34603503
1448962112
29603503
*
P_8755
&V=2&CMP=6528&I=1&Day=29 Nov 2003&DI=1&C=0&DC=0&

dpus.checkm8.com/
0
257962112
34603503
1448962112
29603503
*
CM8GEO
&GEO1=205&
dpus.checkm8.com/
0
257962112
34603503
1448962112
29603503
*
P_8856
&V=2&CMP=6571&I=1&Day=29 Nov 2003&DI=1&C=0&DC=0&

dpus.checkm8.com/
0
257962112
34603503
1448962112
29603503
*
dt
1,20031129,OS=WIN98&BROWSER=IE5&PLUGINS=FL6:DX0:RV0:WM0:QT0:&JE=1&CE=1&cpuClass=x86&CT=lan&RESHEIGHT=768&RESWIDTH=1024&UL=en-us&GMT=6&ORD=1070134267830&country=DUMMY_COUNTRY&city=DUMMY_CITY

dpus.checkm8.com/
0
1346641920
32108355
1448962112
29603503
*
bw
1,20031129,25,1
dpus.checkm8.com/
0
1346641920
32108355
1520962112
29603503
*

Come on! They want to use my computer as a database and it is $1 a day
per cookie. Anyone going to claim that Internet users are not being tracked?
 There is just a little confusion as to who the perpetrator is. People
are ignorant to this for the most part.

Since the big PR push several years ago connived the internet-paranoid
public at large that cookies were simply harmless bits of text that pose
absolutely no threat to a person’s computer or data or privacy, we now
need another PR campaign to convince us our privacy is safe from unscroupolous
marketers too. I dont think they can do that with a straight face.

It just seems to me that writing a cookie protocol would be too easy. Set
the browser to first and foremost reject any cookie that isn’t compliant
with the protocol. Then cookies can be identified according to type and
dealt with according to a rules-based system based on cookie type.

How would you like it if those people who stand at the entrance of departments
stores trying to entice passers by to take a marketing survey could easily
jerk you aside and compel filling out the questionnaires every time you
walked in?  What if someone followed you around the store observing
your shopping habits?