JT> You can't. It contains several parameters:

JT> Cookie name: (manditory) the name of the cookie. Content:
JT> (manditory) usually a unique identifier, serial number of
JT> sorts. Exipres: time/date when the cookie is no longer valid
JT> Path: the network path the cookie is valid for. Domain: the
JT> domain the cookie originated from.

JT> None of which are code, or executable, in any way.

 Good Lord! Are you saying that hackers don't lie and cheat? Thank
goodness for that. And here was I, thinking that all I had to do was
call and EXE a cookie, and wait for the first person to open it by
clicking on Explorer...

 You've just finished explaining that "text" can be anything in the
Windows environment. So all I have to do is put a ZIP EXE header on my
cookie, and WinZip will try to run it for me...

JT> A search for "cookies" via google will return many sites that
JT> explain cookies, their structure, and use.

 Assuming that the world is a lovely place where no one cheats.

JT> No, that was Bob's paranoia telling him that cookies are some
JT> evil thing that can hack into your computer. When the fact
JT> remains, that the host could _create_ and _request_ an exising
JT> cookie to see if you've been there before. And then, they can
JT> only be created (or returned) if the *browser* allows it.

 A cookie is one way a remote computer can insert data into *your*
computer. You have no idea what's in the cookie... *they* own it. If
you visit them again, they access your cookie, and if they've cheated
and made it an EXE (with a new header) then hello... the trojan rides
again.

JT> Note however, that many sites *need* cookies to keep track of
JT> where you are, and where you've been, otherwise they won't
JT> work. Those who do, check to see if you have cookies enabled
JT> first, and warn you if you don't. 

 So, you enable cookies and hello... things start to happen as soon
as you do something else. Rod is right. *You* have to run something,
but not necessarily what you think you are running...

JT> I've got one better. Remember the "Good times" virus? The virus
JT> where its sole mechanisim for duplication was the end user
JT> themselves? (I'm calling it a virus because it did indeed
JT> propigate and duplicate). 

 My definition of a virus is something that harms *my* data. By your
definition, Windows itself is a virus.

>> Whoops, that's it, I've just made Bob even more paranoid.

> Is that possible? ;-)

JT> It is now that he knows about the Good times virus. :-)

 I've only ever had one virus. It came with a computer I bought, and
all it did was infect itself onto every media, over and over
(including the floppies I used to load Windows). It is amazing how
many floppies you can infect (not to mention the hard drive), when you
load a new system. By the time I realised what was happening, I'd
infected all my backups (I never use the original discs to load
anything) and I was within an ace of infecting the other computer as
well.  

 I created a fresh system disc, booted, and wiped the whole fucking
thing, partitions and all. Then I did it again.

 BTW, MacAfee virus scan was useless (and then *it* got infected!).
That was one of your *genuine* viruses where you never know where it
came from only what it does. I think it was a boot sector virus, but I
never found it.

Regards,
Bob

 

--- BQWK Alpha 0.5