Re:- cookies and privacy

• To: www-security@ns2.rutgers.edu
• Subject: Re:- cookies and privacy
• From: Steff Watkins <Steff.Watkins@Bristol.ac.uk>
• Date: Tue, 16 Jul 1996 08:24:15 +0100 (BST)

Dave Kristol wrote:
=>(I'm not certain how DoubleClick does its thing.  I understand that
=>there's a link in some pages to www.doubleclick.net to load an image,

Hi,

 yep. Spot on. That's how it's been done. 

If you look at the source for 'http://www.doubleclick.com/', you get the
following line:

<A HREF="http://ad.doubleclick.net/jump/iantargets.com/default.htm">
<IMG SRC="http://ad.doubleclick.net/ad/iantargets.com/default.htm"
ISMAP WIDTH=460 HEIGHT=60 BORDER=1 HSPACE=6 VSPACE=14></A>

If you then pop on over to 'ad.doubleclick.net' and grab the relevant
file, you get the following returned in the 'preamble'

  Content-Type: image/gif
  Content-Length: 16683
  Set-Cookie: IAF=x; path=/; expires=Wed, 09-Nov-99 23:59:00 GMT

and there it is folks! Passed on to you by an image referenced from a
different host (www.doubleclick.net is 199.95.207.6 and ad.doubleclick.net
is 199.95.207.4)

A nice little trick that slides the cookie in with the imagemap.

If you are worried about these guys building up 'usage profiles' on you,
then probably the best thing to do is to NOT VISIT their site again. As
such, their 'clandestine data collection' techniques will have worked against
them as an advertising agency who, you would have thought, would have been
using techniques that ENCOURAGED users to visit their web site!!!!

Just a few thoughts,

Steff

: Steff Watkins, UBris Starlink Site Manager
: University of Bristol, Clifton, Bristol, AVON, BS8 1TH, UK
:
: RFC-822 : Steff.Watkins@bris.ac.uk
: X-400   : /G=Steff/S=Watkins/O=Bristol/PRMD=UK.AC/ADMD= /C=GB/   
: HTTP    : http://sw.cse.bris.ac.uk/
: Phone: +44 177 287869 (external)   3046 / 7651    (internal)  
: 'Ok.. So the .sig's 8 lines long!!! So what???'

• Previous: Re: cookies and privacy
• Next: Re: cookies and privacy
• Index(es):
  • Index
  • Thread