echo: aust_avtech
to: John Tserkezis
from: Bob Lawrence
date: 2004-04-18 22:06:10
subject: Locking Windows

JT> It doesn't work like that. It's just stored data, all that
JT> happens, is that data is returned to the original sender, if
JT> the original sender asks for it. All it does is prove that
JT> you've been there before. This is where the ethics can get a
JT> little into the grey area.

 I know what a *real* cookie does... what worries me is what a virus
masquerading as a cookie *might* do. The sender is able to download a
file into a known area on your hard drive, and access it later. Jeeze!
Doesn't that worry you?

JT> You have a record of what serial number (that you've invented)
JT> has visited you, what they've done, how long they've done it,
JT> and what you haven't done. 

 I *know* all this.

JT> Virii and trojans don't come into the picture at all. (with
JT> cookies)

 If I wanted to send you a trojan, I'd have to put it in C: or
C:\windows and you could find it there. Or... I could use a cookie.

JT> A search for "cookies" via google will return many sites that
JT> explain cookies, their structure, and use.

 Who explains the illegal uses?

> A cookie is one way a remote computer can insert data into *your*
> computer.

JT> Yes. One remote site can create a cookie with its site name in
JT> it. One site cannot create a cookie on 'behalf' of another site
JT> though.

> You have no idea what's in the cookie...

JT> Nor do you really need to know or care.

 You might, if it's a trojan.

JT> Yes, that's the idea. That's how they know where you've been.

> and if they've cheated and made it an EXE (with a new header)
> then hello... the trojan rides again.

JT> Can't do that. It's just a storage system for data that is
JT> effectively a randomly generated serial number.

 You keep saying that. What it is... is a file inserted by someone
else into a known area of your hard drive. There can be *anything* in
that file, and the file can be *any* size hidden amongst thousands of
other cookies. The only one who knows where and what is the one who
originally inserted it.

 AND THAT WORRIES ME...

 In reply, you keep telling me what a cookie is *supposed* to be (and
I already fucking know that!).

JT> It can't just be magically changed into an executable. Even if
JT> the _data_ were a string of assembly code, it would do nothing
JT> except be sent back to the site that created it, if they
JT> requested it back. It never gets run. 

 It never gets run? How does a trojan get run?

> So, you enable cookies and hello... things start to happen as
> soon as you do something else.

JT> Stuff me. That's a little vague Bob. How about you elaborate on
JT> that and tell us _exactly_ what starts to happen when you "do
JT> something else", what's that "something else"?

 You want me to write you a virus? 

 Okay. How about I'm a respected site (like Borland), and I send you
a trojan cookie. And then I decide that it's time to wipe all the
Borland free programs past their use-by (because some bastard has
cracked the codes). Now, when you update I activate my "cookie" and
wipe your hard drive of the pirated software. Is that enough specific 
"something else" for you?

> By your definition, Windows itself is a virus.

JT> No, my definition of a "computer" virus is a piece of code that
JT> is self-replicating. The method of self-replication is beside
JT> the point. As is the (likely) malicious intent.

 As I said... Windows is a virus. It certainly keeps on replicating
itself, every three years it upgrades.

> I've only ever had one virus. It came with a computer I bought,
> and all it did was infect itself onto every media, over and over
> (including the floppies I used to load Windows).

JT> You mean you didn't write-protect them?

 I always use copies. Write-protect can be avoided.

JT> Yes, that's why I write protected everything. On software that
JT> wrote back to the disk (say for copy protection purposes), I
JT> made a duplicate disk *first*, then used the copy to install.

 Does the write-protect tab physically prevent writing, or does it
merely rely on the computer? Why not disable the write protect with
your virus (and catch those who believe the tab does something real)? 

> BTW, MacAfee virus scan was useless (and then *it* got
> infected!).

JT> Duh, that's why gynaecologists don't stick their dicks into
JT> their patients. When you're trying to _cure_ an infection, it
JT> helps if you don't get infected _yourself_...

 And how does that analogy relate to anything real? Of course you
isolate the computer (and floppies) once you realise it's infected,
but by then the virus scan is *also* infected! And you can't load a
new copy because *it* will become infected!

 I get the feeling you don't understand the problem, John.

 What you have to do, is use a virgin system disk just once, to wipe
the hard drive (including the partition information). 

> That was one of your *genuine* viruses where you never know where
> it came from only what it does.

JT> You know where it came from, you can backtrack to the last
JT> known outside source of data/disks. Then you point the finger.
JT> Worked every time. 

 Jeeze, you're good.

 The trouble with a *real* virus, is that it can sit there doing
nothing until miles past you know where it came from. It may not even
be the "last" external data, but ten floppies before that. I had to
assume that my one came with the new computer, but it could have been
on a new formatted floppy just as easily.

JT> What it did demonstrate is the far-reaching implications of
JT> swapping disks, how often people did it, and the lengths they
JT> went to even on normally isolated machines.

 Once was enough for me, but even so, you run risks.

Regards,
Bob


 

  

--- BQWK Alpha 0.5
* Origin: Precision Nonsense, Sydney (3:712/610.12)
SEEN-BY: 633/104 260 262 267 270 285 640/296 305 384 531 954 1042 690/734
SEEN-BY: 712/610 848 774/605 800/221 445
@PATH: 712/610 640/531 954 633/260 267

SOURCE: echomail via fidonet.ozzmosis.com
