Friday, September 17, 2010

A Loophole Big Enough for a Cookie to Fit Through

Riva Richmond writes in The New York Times:

If you rely on Microsoft’s Internet Explorer’s privacy settings to control cookies on your computer, you may want to rethink that strategy.

Large numbers of Web sites, including giants like Facebook, appear to be using a loophole that circumvents IE’s ability to block cookies, according to researchers at CyLab at the Carnegie Mellon University School of Engineering.

A technical paper [.pdf] published by the researchers says that a third of the more than 33,000 sites they studied have technical errors that cause IE to allow cookies to install, even if the browser has been set to reject them. Of the 100 most visited destinations on the Internet, 21 sites had the errors, including Facebook, several of Microsoft’s own sites, Amazon, IMdb, AOL, Mapquest, GoDaddy and Hulu.

More here.


Post a Comment

<< Home