Posted on 03/19/2002 3:02:10 PM PST by RCW2001
DAVID HO, Associated Press Writer
Tuesday, March 19, 2002
©2002 Associated Press
URL: http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2002/03/19/financial1851EST0366.DTL
(03-19) 15:51 PST WASHINGTON (AP) --
The CIA got caught with a hand in the Internet cookie jar.
The agency removed tracking software known as a "cookie" from one of its Web sites this week after a private group discovered the banned practice, said Mike Stepp, who manages the CIA's public Web site.
"It was a mistake on our part. It was not intentional," Stepp said Tuesday. "The public does not need to be concerned that the CIA is tracking them. We're a bit busy to be doing that."
Cookies are small software files often placed on computers without a person's knowledge. The files can make Internet browsing more convenient by letting sites distinguish user preferences, but they have been criticized for violating privacy because they can track Web surfing.
The government issued strict rules for how federal agencies may use cookies in 2000 after it was discovered that the White House drug policy office had used the technology to track computer users viewing its online anti-drug advertising. The rules ban the use of "persistent" cookies, which track Web habits over years.
One of those long-lasting cookies was found Thursday on a CIA site by Daniel Brandt, president of Public Information Research, a private San Antonio-based group that preserves publications related to intelligence and business.
Brandt said he discovered the cookie, which keeps working until 2010, when he was looking at the Web site for the CIA's Electronic Reading Room, which provides access to previously released agency documents.
"They're not supposed to be doing this," Brandt said. He said he was particularly concerned because the reading room site allows users seeking documents to search for particular words.
"The keywords you put in reveal an incredible amount about what you're looking for and what your interests are," Brandt said. "It would be very, very tempting to track that kind of information."
A notice on the CIA Web site states: "The Central Intelligence Agency Web site does NOT use the 'cookies' that some Web sites use to gather and store information about your visits to their sites."
Brandt sent e-mail to the CIA with his concerns and the agency responded on Monday, removing the cookie and some other temporary cookies that were discovered.
Stepp said an outside company had redesigned the reading room Web site, which was posted to the Internet on Jan. 29.
"Unbeknownst to us, it was loaded with some software, commercial off-the-shelf software used for Web analysis," Stepp said. The software included a cookie that tracked repeat visitors to the site.
To make sure no improper information about site visitors had been recorded, Stepp said two sets of log files would be destroyed.
Congress issued a study last summer that found 300 cookies still on the Web sites of 23 agencies despite the government ban.
CIA Electronic Reading Room: www.foia.ucia.gov/
Public Information Research site on CIA cookie: www.pir.org/ciascan.html
Most people have little knowledge of what the hell their computer is doing, anyway. How many people even know what TCP/IP is, or a Domain Name Server, or a MAC address?
Without cookies, there can be no dynamic web content, and therefore no e-commerce. Cookies allow sessions to be tracked so the server knows what the user just did and wants to do next.
Cookies are a "banned practice"? How strange. There go all the discussion boards on the net, I guess :)).
I use Netscape as my browser. I have it set to warn me when someone is trying to set a cookie. I never allow a cookie.
At least, I don't think I do, if I can believe what Netscape told me. The only down side, if it can be called that, is that I'm not allowed to vote in some online polls because I don't allow their cookie.
I have always wondered whether this actually does keep cookies from being set, so I'm hoping someone in the know can tell me. When the message pops up it always says for how long the cookie will stay, and I was shocked at first to see that some of them are set for 2 or 3 years!
I use Netscape as my browser. I have it set to warn me when someone is trying to set a cookie. I never allow a cookie.
At least, I don't think I do, if I can believe what Netscape told me. The only down side, if it can be called that, is that I'm not allowed to vote in some online polls because I don't allow their cookie.
I have always wondered whether this actually does keep cookies from being set, so I'm hoping someone in the know can tell me. When the message pops up it always says for how long the cookie will stay, and I was shocked at first to see that some of them are set for 2 or 3 years!
The amusing part of the article was that there was such an uproar being created over a cookie. Meanwhile we've got software vendors out there running spyware in their programs, and nary a peep on the headlines. But, let the CIA track a cookie, and all hell breaks loose.
There are plenty of (Unix) web sites with cookies that use an expiration of doomsday -- January 17th, 2037.
My computer freezes every time I try to do a virus scan.
My computer freezes every time I try to defrag.
Now I just tried to install the program you suggested. Although the program downloaded to my computer, "something" won't let it install.
Do you have any idea what's going on?
Thanks. Judy
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.