This story broke yesterday talking about the NSA website placing files on our
computers to track what websites we visit. These are the notorious cookie files
everyone hears about. Even though most websites use cookies, the ones used by
the NSA are actually illegal.
NEW YORK – The National Security Agency’s Internet site has been placing
files on visitors’ computers that can track their Web surfing activity
despite strict federal rules banning most of them.These files, known as “cookies,” disappeared after a privacy
activist complained and The Associated Press made inquiries this week, and
agency officials acknowledged Wednesday they had made a mistake.
Nonetheless, the issue raises questions about privacy at a spy agency
already on the defensive amid reports of a secretive eavesdropping program
in the United States.“Considering the surveillance power the NSA has, cookies are not exactly
a major concern,” said Ari Schwartz, associate director at the Center for
Democracy and Technology, a privacy advocacy group in Washington, D.C. “But
it does show a general lack of understanding about privacy rules when they
are not even following the government’s very basic rules for Web privacy.”Until Tuesday, the NSA site created two cookie files that do not expire
until 2035  likely beyond the life of any computer in use today.Don Weber, an NSA spokesman, said in a statement Wednesday that the
cookie use resulted from a recent software upgrade. Normally, the site uses
temporary, permissible cookies that are automatically deleted when users
close their Web browsers, he said, but the software in use shipped with
persistent cookies already on.
View complete article
here.
One problem I have with their defense is that the cookies were added on their
software and they didn’t know about it. The NSA is the department in the
government that knows more about computers than anyone. They even have their own
version of LINUX you can download for free that they custom made for higher
security. I’m sorry but for an agency so involved in computer security/science
something like an illegal tracking cookie will be easily caught and not put out
on their site.
Apparently, the NSA used some third party software to power their site. So
the National Security Agency does not check on the security of this software?
Whose to say this company doesn’t have some back door webpage that goes in and
reveals the root password or SQL passwords to the maker of the software? It is
very possible and very easy to do. I also wonder if the company that made this
software will be charged with violating a federal ban on the cookies.
Now cookies aren’t a bad thing. This site alone places a couple small cookies
on your computer. One is made by StatCounter just to tell if you have been here
before and update the visit counter appropriately. The other one is done if you
comment. If you choose to have the comment system remember your information, it
does so by placing a small cookie file on your computer. All it amounts to is a
small text file with your name, email and homepage that is only readable by this
website.
If anyone has visited the NSA website and is afraid they might have been
infected with this cookie, don’t threat. There is a simple cure and it won’t
cost anything but a few minutes of your time.
First thing you need to do is to download to very important programs that
should be on anyone’s computer.
Spybot S&D and
AdAware. Both are free programs and very good tools for security. They both
do essentially the same thing, they search for cookies and spybots on your
computer and erase them. I say to run both because that is what I do and every
time I run both of them I find some problem that the other program missed. Just
download and run these programs and you should be fine.
If you are not confident in those programs eliminating the problem there is
another solution. Go to your start menu then click on Control Panel. From there
select Internet Options. In the middle of the window that pops up there are some
buttons. Click the Delete Cookies and Delete Files buttons and you will be
fixed. This is for Internet Explorer only. Other browsers are different so you
should check the documentation on deleting temporary internet files and cookies
for the browser you are using.