Cookies and Corporate Monsters

As a lad I learned to make a darn fine oatmeal raisin cookie. The recipe was handed down by my family, which I think they pulled from an old Alberta farm cookbook. Read on if you want our prized cookie recipe. Sorry, metric-heads, all imperial measures here.

The recipe calls for 2 cups brown sugar, which I always considered too sweet, so I put in a packed cup and a half. Then add a half-cup of margarine.

Incidentally, if you spend any time on Internet, you’ve probably heard the fuss about another sort of cookie, one not quite as tasty. Internet ” cookies” are small files that are stored on a user’s computer to serve as identifiers for tracking user movements across the Web. Cookies were intended to be used within one Web site to, for example, simplify logging in to a membership-based site, or automate the process of on-line shopping.

But Internet advertising agencies such as DoubleClick and NetGravity now use cookies to silently track a user’s movements between client sites – such as the search engine AltaVista – that carry their advertising. For example, when a user visits AltaVista, a cookie is stealthily sent along with that site’s image files, and the information is stored in a database on a remote server at DoubleClick.

This use of cookies worries many Netizens, who feel like they are being watched. The fear is that the anonymous database entry will be used to build a profile of their likes and dislikes.

Not that our Web “likes” will get us into trouble, heaven forbid. But if viewing shirtless boys playing volleyball or regular hits to davidcassidy.com is someone’s thing, either way we don’t want that information winding up in some marketer’s hands.

Oh, continuing with the recipe. Add a teaspoon of vanilla extract, and then 2 large eggs, and stir well.

Lately, some software developers are cashing in on the current cookie craze. PGP, the makers of “pretty good privacy” software encryption, have developed “Cookie Cutter” which for $30 is supposed to render PC’s cookie-proof. Contributors to newsgroups such as alt.privacy are also giving advice on how to protect your computer from the little biscuits.

Most of the popular browsers – such as Netscape 3.0 and Microsoft Internet Explorer 3.0 – have always had a notification option for cookies. But constant warning prompts from cookie-laden sites tire people out, and most simply leave the option off, and accept that they are being tracked by the dreaded cookies.

This is likely the desired effect. Cookies are less meddlesome when they are invisible.

Continuing with the recipe. Add 2 cups of rolled oats, a teaspoon of baking powder, a half teaspoon of baking soda, and a teaspoon of cinnamon. Again, stir.

A bunch of sites have lately cropped up to inform Netizens how they are being tracked. A good place to start is ” Anonymizer.com“, which is supposed to enable users to surf anonymously. However, once you start surfing through the Anonymizer server, you have to have faith that they themselves are not just tracking your Web habits in the guise of good Samaritans. Also, how they pay for this “freedom” is that the top and bottom of your browser window is loaded with banner advertisements. Most will definitely go elsewhere to be anonymous.

The Center for Democracy and Technology is another site dedicated to this mania for security. They have a test page set up to reveal what a typical Web server can discover about you. Click a link, wait a few seconds, and it reports back what country you are surfing from, what kind of computer you use, what browser you use, and recent sites you’ve visited. Then, ominously, it reminds you, “This is what we can find out, imagine what others can.” Well, they didn’t exactly tell me what my Visa bill was, but their point is clear. One just doesn’t “hide” on Internet, like you might in your home while watching TV.

The key to this cookie dough is lots of raisins. The recipe recommends a cup, but I put in almost two. Take a colander and run hot tap water over the raisins for a minute. Dump the steaming raisins onto some paper towels and pat the excess moisture off them. Then take your towel full of warm plump raisins and dump them in the mixing bowl, and stir away.

Others have decided not to fight the privacy issue on the software level, but legally. Some well-intended citizen recently posted a page full of legalese in alt.privacy that supposedly would protect you from unwanted intrusions. Here is just a sample (the CAPS are theirs):

YOU ARE HEREBY ORDERED TO NOTIFY THE ORIGINATOR, BY ELECTRONIC MEANS, OF ANY VIOLATION THEREOF, AND TO IMMEDIATELY RETURN THE MESSAGE TO THE ORIGINATOR. THE SENDER, BY USING THE SERVICES CONTRACTED FROM THE INTERNET SERVICE PROVIDER, AND IN TRANSMITTING THE MESSAGE THROUGH SUCH SERVICES AND MEANS, DOES NOT CONSIGN, RELINQUISH, SUBSTITUTE OR ALTER IN ANY FORM, THE SENDER’S RIGHTS…

The post recommended that you attach the entire 450 word text file at the end of all Internet emails. In the end it may not protect you, but it would be a sure way to scare off nearly everyone you correspond with.

Coconut-lovers have the option of adding a cup or so of the shredded stuff. I like to add some, but the cookies are just as tasty without.

By the way, if you haven’t already, pre-heat the oven to 375° F.

The temperature of the much-discussed browser wars (between Microsoft’s Internet Explorer and Netscape’s Navigator) recently heated up. Many suspect Microsoft’s domination of mass communications is a certainty. We may not like it but someday we may all pay a tithe to Monsignor Gates. Until recently, using Netscape was a way to deflect that dominance, then Microsoft came out with an arguably better piece of software in IE 3. Further, a GQ magazine article exposed (Netscape founder) Mark Andreeson’s dubious and deceitful role in developing their browser, confirming that neither side was the model of virtue.

Recently, the two browser developers began to respond to the public’s fears about invaded privacy. The next version of Navigator (version 4.0) will support at least one element of a new Internet standards draft that proposes extensive end-user control and monitoring of cookie transactions that are now near-invisible. “Netscape Navigator 4.0 will support a preference that will allow you to disable links that are unverifiable,” Netscape representative Lou Montoulli told Wired magazine. “If you are concerned about being tracked in that way, you can change a preference and it won’t be possible for [ tracking sites ] to do that.”

Some security bugs in Microsoft’s browser made headlines in papers like the Washington Post this month, and the software giant scrambled to fix them. The story of how it was discovered is testament to the power of Internet. Paul Greene, a student at Worcester Polytechnic in Massachusetts said he happened upon the bug – which can remotely trigger the execution of files on the user’s machine – by accident. He and his two roommates first notified Microsoft via email at 4 a.m. Thursday February 27th.

On Friday Microsoft PR assured them that the bug was not a big deal. A perpetrator would need to know too many details about your computer in order for this bug to work, said the email. Greene responded to Microsoft’s ambivalence with a public Web site, which he called ” Cybersnot“, that demonstrated the bug. The site launched on Saturday March 1st.

At Cybersnot, Greene proved that by clicking a link you could effectively run programs on your own computer. Greene noted that not only could this happen without you knowing it, but it could do something as serious as delete the contents of your hard drive.

By Monday the 3rd (a mere 4 days after reporting the bug) the story was not only buzzing through high tech circles, but it was being reported by mainstream news sources like CNN. Microsoft that morning set up a page with assurances that a bug fix would be readied within 48 hours. Needless to say, some programmers did not sleep for the next two days. Microsoft had the fix ready for download by mid-week, as promised.

Two more similar bugs were found within days of the fix, leaving the Redmond, WA developer reeling. Security, not Internet bells and whistles like streaming video, desktop convergence, or Java apps, had become the Net’s number one issue.

Whether Microsoft learns a lesson from the Cybersnot experience will only be viewed in the long run. It does prove that competition has made them into a more responsive developer. One wonders if they would be quite so concerned with bugs without a strong opponent like Netscape.

Security concerns will continue to grow as Internet traffic builds. And although it’s important to stay informed on these issues, it’s possible one can become obsessed with cookies. Privacy is good, but paranoia destructive. Truth is, unless you dabble in illegal porn, bomb recipes or state secrets, it’s unlikely the authorities will be banging on your door soon. More likely, you may wind up on another consumer mailing list, a seemingly unavoidable modern fact of life.

Now, the finishing touches of my cookie recipe. Add 2 cups of flour (preferably whole wheat), stir well. Spoon out the dough onto a greased cookie pan, flatten them with a fork, and bake for 10 – 12 minutes. Let the cookies cool and enjoy them with a big glass of milk. The recipe should make a couple dozen of the finest oatmeal raisin cookies you’ve eaten.

By the way, if you like the recipe, let me know and send an email. And don’t worry, it’ll be our secret ;-).

Illustration provided by Pete/Digiboy.