|
alonfw
Dec 26, 2003, 9:41 PM
Post #1 of 22
(4498 views)
Shortcut
Registered: May 7, 2003
Posts: 42
|
I recently installed SpyBot Search and Destroy and it seems to be finding spyware on rc.com. About half the time I open a rc.com page I get a popup saying that the spyware "Avenue A, Inc" has been detected! What is this? Why is rc.com 'spying' on me? BEWARE!
Alon :)
|
|
|
|
|
rrrADAM
Dec 26, 2003, 9:49 PM
Post #2 of 22
(4498 views)
Shortcut
Registered: Dec 19, 1999
Posts: 17553
|
In reply to: I recently installed SpyBot Search and Destroy and it seems to be finding spyware on rc.com. About half the time I open a rc.com page I get a popup saying that the spyware "Avenue A, Inc" has been detected! What is this? Why is rc.com 'spying' on me? BEWARE! Alon :)
I have the same software, and I don't get those. We do have cookies, but they are not "dataminers" from what I understand.
I will bring this up to the other Admins, as I am very much against this.
|
|
|
|
|
epic_ed
Dec 26, 2003, 10:38 PM
Post #3 of 22
(4498 views)
Shortcut
Registered: Jun 17, 2002
Posts: 4724
|
You likely received it from another source. This parasite/cookie tracker is usually affiliated with music download packages and was probably piggy-backed with the install of something like Kazaa or radio@netscape. Have you downloaded and installed any software from the internet lately? A lot of it contains spyware/adware features that you're not made aware of when you decide to install it. Oh, they make a discloser in the fine print, but who ever reads that stuff. Next thing you know you have pop-ups left and right and you have no idea where they came from or how to eliminate them. This site has some good information about Avenue A:
http://www.computercops.biz/index.php
Ed
|
|
|
|
|
jt512
Dec 26, 2003, 10:45 PM
Post #4 of 22
(4498 views)
Shortcut
Registered: Apr 12, 2001
Posts: 21904
|
In reply to: You likely received it from another source. This parasite/cookie tracker is usually affiliated with music download packages and was probably piggy-backed with the install of something like Kazaa or radio@netscape. Have you downloaded and installed any software from the internet lately? A lot of it contains spyware/adware features that you're not made aware of when you decide to install it. Oh, they make a discloser in the fine print, but who ever reads that stuff. Next thing you know you have pop-ups left and right and you have no idea where they came from or how to eliminate them. This site has some good information about Avenue A: http://www.computercops.biz/index.php Ed
Well, my Ad-aware software identified the cookie from Tribalfusion, which originated from rc.com, as a data miner.
-Jay
|
|
|
|
|
scubasnyder
Dec 26, 2003, 11:37 PM
Post #5 of 22
(4498 views)
Shortcut
Registered: Oct 3, 2003
Posts: 1639
|
that does not do that to me, rc.com is actually 1 of the only websites that works on this 56k piece of shit i ma on
|
|
|
|
|
rrrADAM
Dec 26, 2003, 11:50 PM
Post #6 of 22
(4498 views)
Shortcut
Registered: Dec 19, 1999
Posts: 17553
|
I also have AdWare.
|
|
|
|
|
corpse
Dec 27, 2003, 1:23 AM
Post #7 of 22
(4498 views)
Shortcut
Registered: Jan 17, 2003
Posts: 822
|
Due to security limitations with cookies, a site can't really get cookies about other sites. It is 100% safe to enable and use cookies on your computer. Sure, that technically opens a hole, as some server can store/read information stored in cookies, but they can not just read any ol cookie and compromise security. So just enable cookies and be done with it. you can not get a virus or trojan installed on your computer by having cookies enabled. You can not have malicious code of any other kind be executed because you accept cookies. Javascript, vb script and java applets are the things that can cause problems.. Javascript is EXTREMELY secure - it can not read/write files (other than cookies).. The worst javascript can do is quickly open a zillion windows on your computer, which could easily cause a computer to crash. VB script can do bigger damage, as well as java applets..
|
|
|
|
|
coldclimb
Dec 27, 2003, 2:38 AM
Post #8 of 22
(4498 views)
Shortcut
Registered: Jan 14, 2002
Posts: 6909
|
I'm with Adam. I also have both spybot and adaware, and haven't noticed anything coming from rockclimbing.com
|
|
|
|
|
overlord
Dec 27, 2003, 1:11 PM
Post #9 of 22
(4498 views)
Shortcut
Registered: Mar 25, 2002
Posts: 14120
|
i also dont get any reports from rc.com
|
|
|
|
|
from_the_gym
Dec 27, 2003, 3:45 PM
Post #10 of 22
(4498 views)
Shortcut
Registered: Dec 20, 2003
Posts: 50
|
i get reports every now and then, but i also download a lot of music. I will keep my eye out for one that came from rc.com and post back whether it was or was not from this site.
|
|
|
|
|
tgreene
Dec 27, 2003, 4:22 PM
Post #11 of 22
(4498 views)
Shortcut
Registered: Oct 22, 2003
Posts: 7267
|
I frequently get some sort of an MSN lpopup ogin window here, and it tries to connect to a .au adress... RC is the only site where this has ever happened, and it's happened quite a bit lately.
|
|
|
|
|
rrrADAM
Dec 28, 2003, 4:04 AM
Post #12 of 22
(4498 views)
Shortcut
Registered: Dec 19, 1999
Posts: 17553
|
I get that aslo, but very rarely, and only when I am on this site. :(
|
|
|
|
|
meataxe
Dec 28, 2003, 7:37 PM
Post #13 of 22
(4498 views)
Shortcut
Registered: Oct 23, 2002
Posts: 1162
|
I see the usual ad-tracking cookies... nothing more sinister than most sites.
However, I do see a request for my passport.com third-party cookie. I can't totally block this one since Microsoft forces me to accept it if I want to access their developer site. I hate passport! :evil:
|
|
|
|
|
hishopper
Dec 28, 2003, 10:36 PM
Post #14 of 22
(4498 views)
Shortcut
Registered: Jan 10, 2002
Posts: 387
|
Tim??
|
|
|
|
|
tim
Dec 29, 2003, 5:29 AM
Post #15 of 22
(4498 views)
Shortcut
Registered: Apr 4, 2002
Posts: 4861
|
AFAIK, tribal fusion does not do anything crooked with cookies. Tracking cookies are a necessary evil -- if you log in to rc.com, you're either using a cookie or lot of unnecessary GET requests. 'Spyware' is another can of worms -- normally crap like ActiveX, etc. It is a bit disturbing that 3rd-party cookies requesting Passport details exist, whether or not they're on our ad network. However, cookies are not spyware, at least not in my book. They are a means to make a stateless protocol (HTTP) act statefully (eg. "logged in" versus "not logged in") and we use them for that. Advertisers use cookies to try and ensure that a given user only sees a given advertisement once, or a small number of times.
Avenue A is an ad firm, and the spyware program is reporting that it has blocked a cookie that purportedly originates from Avenue A's servers. One of the issues I have with overly-boisterous 'spyware catchers' is that, not unlike the antivirus companies who oh-so-coincidentally uncover viruses the day before they hit (hmmmmm....), the spyware detectors compete to see which can be the noisiest. WARNING! YOU ARE USING INTERNET EXPLOITER!!!1 really ought to cover 99% of what people need to be concerned with... alternately, you could try using Mozilla and sidestep the whole mess. Between Internet Explorer vulnerabilities and ActiveX insecurity, I never feel 100% confident telling a potential Windows user that they're "safe". But we do not deal with the sorts of advertisers that deliver 'Gator' and objectionable parasitic software like that -- the real "spyware". We rotate between our own in-house ads, Google AdSense, and Tribal Fusion, and sometimes Tribal Fusion carries an ad from an agency with a bad rap.
Tribal Fusion isn't perfect, but they're not slime, either. So unless they've radically changed in the past week, I do not believe that we actively deal with anyone who sells/offers/proffers spyware ('Gator' and other such programs), and I won't be working on this site any more if that changes.
|
|
|
|
|
meataxe
Dec 29, 2003, 4:05 PM
Post #16 of 22
(4498 views)
Shortcut
Registered: Oct 23, 2002
Posts: 1162
|
I'd agree with that, pretty much. Cookies are not spyware in the same way that Gator and similar software is. Gator requires you to install it on your system--although an unfamiliar user may be tricked into doing so.
Cookies do, however, give up some privacy. Large ad providers like doubleclick will run ads on a whole range of sites. They can use the cookie to see what sites you as an individual have been visiting. This can help develop a profile to target you with specific ads.
For example, if you visit a lot of music sites, don't be suprised if you start seeing more music ads, even on sites that don't have anything to do with music. If advertisers start combining this with personal information, it could become more invasive of privacy.
NOTE: I'm not suggesting rc.com is doing this... just that it is technically possible.
|
|
|
|
|
tim
Dec 29, 2003, 5:35 PM
Post #17 of 22
(4498 views)
Shortcut
Registered: Apr 4, 2002
Posts: 4861
|
In reply to: Cookies do, however, give up some privacy. Large ad providers like doubleclick will run ads on a whole range of sites. They can use the cookie to see what sites you as an individual have been visiting. This can help develop a profile to target you with specific ads.
In modern browsers, which is to say, software that is engineered to support the user's needs rather than an illegal monopoly's needs, you can simply turn off 3rd-party cookies. Safari, Mozilla, and Opera all make this easy, and the first two are free. If you really care about your privacy, use a browser that permits you to do something about it, and don't visit sites that have no interest in respecting your privacy.
Rc.com does sell aggregate demographics -- xx many of our users come from IP addresses in a given state, yy% of our users report that they like surfing, etc., etc.
What we don't (and won't) do is sell personal information, target objectionable malware like Gator et al. at users, or the like. We should have a privacy policy nailed together in the near future which will clarify this, but the bottom line is that we don't need (or want) to behave like scum in order to scrape out an extra buck.
In the long term, the value of the site would be vastly reduced if we ran around doing objectionable deals behind the users' backs. Mungeclimber has offered to help us hammer out a legally-workable privacy policy that will spell out what users can expect, and we'll be taking him up on this offer shortly.
In reply to: For example, if you visit a lot of music sites, don't be suprised if you start seeing more music ads, even on sites that don't have anything to do with music. If advertisers start combining this with personal information, it could become more invasive of privacy.
Doubleclick already tried this. It didn't work out as spectacularly as you might imagine -- I guess people are concerned that ads for things they want may be targeted at them?!? It's an odd concern, compared to the multitude of things that can be done to the average unwitting Windows user. (God forbid you have a Citibank card, for example) In any event, the credit card companies already know plenty about you, and anytime you donate to a charitable cause, rest assured that they'll sell you out, too. Common sense (and a healthy mistrust of Microsoft) will go a long way towards protecting you online.
Google and Tribal Fusion do things a bit differently -- the AdSense ads are targeted based on the content of the page you're browsing (so eg. in a forum thread about camper shells on this site, you may see a run of ads for camper shells or bedliners, instead of the usual Climbers for Ctulhu ads). Tribal Fusion auctions off blocks of ad clicks to the highest bidder, based on certain 'affinity groups' on specialized sites like this one. So if ITT Tech thinks that a bunch of disaffected, possibly-underemployed, computer-savvy climbers may be looking for a career change (hmm...), that's what you'll see. The TF cookies are (AFAIK) used for unique-user tracking, rather than anything nefarious, but if you don't like them, block them.
In reply to: NOTE: I'm not suggesting rc.com is doing this... just that it is technically possible.
Indeed, and that's why we need a public privacy policy to spell this out.
|
|
|
|
|
tim
Dec 29, 2003, 5:59 PM
Post #18 of 22
(4498 views)
Shortcut
Registered: Apr 4, 2002
Posts: 4861
|
In reply to: BEWARE! Alon :)
Beware of using software that works in ways you don't understand, and beware of running around shrieking at the top of your lungs every time it cries wolf. A significant number of the 'spyware' detectors are worse than useless... created by the same companies that make the worst of the spyware programs. None of them would be necessary if Microsoft and Netscape hadn't decided to ignore users' needs.
For our purposes, let's agree to use the term 'spyware' to refer to programs that install themselves on your computer, and surrepititiously monitor/log/subvert the sites you visit on the internet. The Gator program, for example, will happily pop up new windows on sites that don't use popups, and will gleefully substitute competitor's ads for paid advertisers' ads. It is not something I'd want on my computer, even if I were forced to use Windows on a daily basis. That's the kind of noxious crap that I am referring to.
Rc.com does not use/employ spyware. We use cookies to track logins (how else are you going to provide stateful features in a stateless protocol like HTTP?) and some of our advertisers use 3rd-party cookies to track unique user impressions. If that bothers you, you should seriously consider using a browser (and/or an operating system) that supports your preferences. This isn't a slam on you personally, but it is an important step towards becoming a participant in protecting your privacy, rather than on observer.
You should also consider changing the misleading title of this thread, since you are mistaken in your conclusions. Without any information to verify what 'Avenue A' is (namely, a web advertising agency that purchases blocks of space from Tribal Fusion, one of our ad resellers), and without knowing what precisely they did (used a 3rd party cookie to track unique viewers of a client's ads), you have been misled, and and arrived at an incorrect conclusion. I doubt you're doing this out of spite, but it is nonetheless inaccurate. You have basically presented Search & Destroy's results as your own, which is unfortunate, since they are misleading and incorrect.
It would be considerate of you to clarify matters; I'd certainly do the same if our roles were reversed.
|
|
|
|
|
meataxe
Dec 29, 2003, 6:40 PM
Post #19 of 22
(4498 views)
Shortcut
Registered: Oct 23, 2002
Posts: 1162
|
FYI, Internet Explorer does have privacy settings that can let you block cookies on a site-by-site basis. (I must open up passport.com, for example) :evil:
I've been using Mozilla more and more lately... for many purposes it is the better browser, but IE is necessary for me at times. We're all still paying ht price for the "browser wars" :(
|
|
|
|
|
coldclimb
Jan 3, 2004, 9:41 AM
Post #20 of 22
(4498 views)
Shortcut
Registered: Jan 14, 2002
Posts: 6909
|
Netscape is the worst program that was ever compiled! :twisted: :twisted:
Anything else works fine for me though.
|
|
|
|
|
jello
Feb 28, 2004, 3:50 AM
Post #21 of 22
(4498 views)
Shortcut
Registered: Nov 21, 2003
Posts: 89
|
Not saying it F**cks my system up,that I can tell, but Stop Sign has identified Possible Spyware That I am getting from this site.
Double Click &
Tribalfusion
I guess this is normal and shouldn't worry about it???
|
|
|
|
|
tim
Feb 28, 2004, 4:50 AM
Post #22 of 22
(4498 views)
Shortcut
Registered: Apr 4, 2002
Posts: 4861
|
In reply to: Not saying it F**cks my system up,that I can tell, but Stop Sign has identified Possible Spyware That I am getting from this site. Double Click &
Tribalfusion I guess this is normal and shouldn't worry about it???
DoubleClick and Tribal Fusion are ad networks we belong to. If you don't want their cookies and/or ads, block them.
|
|
|
|
|
|
