HTMLGOODIES EXPRESS (tm)
July 31, 2000-- Newsletter #91
Please visit http://www.htmlgoodies.com
Greetings, Weekend Silicon Warrior,
I have three quick things I need to tell you before hitting the newsletter topic for the week.
Some of you saw the HTML Goodies updated format last Friday. It went live for the better part of the day and we ran into a bunch of problems. It's been taken down for some more beta testing. The new format will be XML-driven and really slick. You will love it. You'll be able to find exactly what you search for rather than going through all the hierarchy pages. You'll see it again when I give the OK that it works perfectly.
Thing Number Two:
My parent company, Earthweb Inc., has asked me to write more newsletters. I have agreed to do one more, maybe a third. The second newsletter will be a weekly critique of a Web site. It's meant to help people to critique their own sites and create a better site design. The one hitch is that I need some sites to critique. If you would like your site critiqued in this new newsletter, please write to me. If your site is critiqued, you'll get a little image to put on your site stating that you were featured in my weekly newsletter. It's a great way to get your site in front of a ton of people. To get your site critiqued, send an email to (DO NOT SIMPLY REPLY TO THIS NEWSLETTER): email@example.com. Copy and paste this into the email body:
***This email is to offer Joe Burns Ph.D. permission to critique my Web site in his weekly newsletter. I understand that any, or all, of my site's content may be quoted or screen captured for display in the newsletter or on the Web. By sending this email I am affirming that I am the site's creator, owner, and have the ability to offer permission for the site to be critiqued.***
Please make a point of making the subject line: Newsletter Critique Permission so I can quickly pick out the correct emails. Please understand that I must have this permission paragraph before I can use your site. I will only critique a site once I have the permission. I cannot write a critique and then send it to you for an OK. Time constraints require I get permission first and then move forward with the critique.
I'm sorry to say that in order for me to write this second weekly newsletter something else has to give. The current run of Script Tips will be the last.
You will be given the ability to sign up for this second newsletter very soon. I'll most likely have information how to sign up in next week's newsletter.
Thing Number Three:
As I said above, Earthweb Inc. has asked if I would do two more newsletters per week. The first is noted above. I've suggested a couple of topics for a third, but they've not done back flips over the topics so I said I would ask all quarter million of you.
What do you think would be a good topic for a third newsletter? The field is wide open. I just want to hear what you have to suggest. I can't guarantee that any of the topics will be used or if there will even be a third newsletter. I just need to get some other opinions and you're the smartest people I know.
Shoot any suggestions off to my HOTMAIL account. That will help me keep this week's email avalanche contained.
Again! Send suggestions to my HOTMAIL account: firstname.lastname@example.org
Thanks for your help.
Now onto today's topic
Would you live in the Big Brother house? I don't think I could. I have too many nasty habits that I hide from the rest of the world to open up that much. If those people want us to watch, more power to them, but leave me out of it. I think CBS is being nice in not showing us every time one of them picks their nose, but ratings are still up. Wait until they start to drop. We'll see Josh digging for gold.
We watch them. They chose to let us watch them. But what if someone was watching you? Well, grab a glass of milk. You'll probably have some cookies today.
If you hate cookies and hate the tracking that is going on through their use, someone has come to your rescue. The problem is that it just may be the one you hate.
While attempting to patch the latest security hole in its Outlook mail application, Microsoft announced it was now beta testing a patch that would act as a cancel program for cookies.
It would work this way: once on your computer, the program would pop up a note stating that a third party was attempting to put a cookie on your browser. Now, that term third-party is the key in my eyes. I am one party. The site I am visiting is another. The advertiser is, I think, what they mean by a third party.
The user is alerted that a cookie is going to be placed and can decide whether to allow it or not. Furthermore, users can get away from nagging alert windows every time they turn around by setting the program to disallow any further cookies from that third party.
The Microsoft program is more interested in what are known as persistent cookies, those that stay on your computer after you have left a site. You may not know this, but many sites will set a cookie just for the time you are in their site. Once you leave, the cookie vanishes after a short period of inactivity or after a countdown. HTML Goodies worked like that for a short time when I first started offering banner ads.
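As an added example (not part of the original newsletter and not Microsoft's code), the following JavaScript implements the decision described above: tell session cookies from persistent ones, tell first-party from third-party responses, and then allow, prompt, or block. The function names, host names and cookie values are hypothetical, and comparing the last two host labels is an assumed simplification standing in for the Public Suffix List that real browsers use.

```javascript
// Added example; host names and cookie values are constructed sample data.

// Parse one Set-Cookie header value into a name plus lowercase attributes.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  if (eq < 1) return null; // no "name=value" pair: not a usable cookie
  const attrs = {};
  for (const part of rest) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// Persistent cookies carry a lifetime; Max-Age wins over Expires (RFC 6265).
function isPersistent(cookie, now) {
  if ('max-age' in cookie.attrs) return Number(cookie.attrs['max-age']) > 0;
  if ('expires' in cookie.attrs) return Date.parse(cookie.attrs.expires) > now;
  return false; // session cookie: discarded when the browser session ends
}

// Assumption: a "site" is the last two host labels. Real browsers consult
// the Public Suffix List, which this simplification does not handle.
function site(host) {
  return host.toLowerCase().split('.').slice(-2).join('.');
}

// pageHost: site being visited; responseHost: host that sent Set-Cookie.
// blocked: Set of third-party sites the user chose to refuse from now on.
function decide(pageHost, responseHost, header, blocked, now = Date.now()) {
  const cookie = parseSetCookie(header);
  if (!cookie) return { action: 'ignore' };
  const thirdParty = site(pageHost) !== site(responseHost);
  const persistent = isPersistent(cookie, now);
  let action = 'allow';
  if (thirdParty && blocked.has(site(responseHost))) action = 'block';
  else if (thirdParty && persistent) action = 'prompt';
  return { name: cookie.name, thirdParty, persistent, action };
}

// Constructed demo: an ad host sets a long-lived ID on a visit to example.com.
const demo = decide('www.example.com', 'ads.adnetwork.test',
  'uid=42; Expires=Wed, 31 Dec 2036 23:59:59 GMT; Path=/', new Set());
console.log(demo);
```

A first-party session cookie and a third-party session cookie both come back as 'allow' under this policy; only a third-party cookie with a lifetime triggers the prompt.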
This is a pretty good idea, I must admit, but I don't know that it gets to the heart of the matter. It will protect the person who faithfully uses the system, but we can get the same effect right now. Set your browser to disallow cookies. The effect is the same. One is just a little more technically advanced than the other.
If cookies were used as was first expected, to track macro traffic flow and assist within websites, then there probably wouldn't be this big concern over their use. But I fear it is not the cookie that is the major problem. It is what the companies that place the cookie are doing with the information.
Here are a few cases in point.
Geocities claimed they would never sell the information collected by their cookies. Tough luck for those of you who believed it. Geocities has recently sold the information to an ad firm in order to create direct marketing. They rationalized the move by stating that they altered their privacy statement before making the move.
So? What if I did re-read the privacy statement and didn't want you to do that with my information? Who could I have contacted? How could I have plucked my name, email, and other information from the database?
In 1996, DoubleClick CEO Kevin O'Connor stated he would never unmask the identities of those who have anonymous cookies placed on their systems.
Oops. In 1999, DoubleClick paid a company called Abacus Direct Corp. one billion dollars to do just that.
And so it goes. I felt the cookie was a great invention. I really did. The original thought process of tagging users in order to track macro traffic and help browsers to remember passwords and IDs was great. But what was once a good idea has now become something of a dog that was let in the house before it was fully grown. We, the users, never saw it coming.
I fear that the reason cookies and their new profiling uses are so prevalent is because the practice is so profitable. If this new application by Microsoft is as successful as I think it will be, then it's up to the companies that profile to find a different method of doing it.
Will they find a way? Yes. Of course they will.
Will it be something surfers can live with? No way.
The method has to be covert or the obtained data is tainted. If these companies only took data from those that willingly offered it, then the data would be minimal at best and skewed at worst. It would be unusable.
Soon we will have bigger and better cookie blockers. Then a new method of tracking will be created. Soon we'll have something that blocks that. Then a new method of tracking will pop up. And so it goes.
The use of these cookie blockers may spell trouble for those who do not sell anything on a Web site and survive only by advertising. The banner ads won't be able to be tracked as efficiently and advertisers might not be so willing to pay the higher cost if they cannot be assured that the ad banners are being served up to the right people.
I see this as the beginning of a real fight. If this product works like Microsoft says it will (and it will after a few versions), then cookies and profilers are stopped at the source. To use a tired expression, there is now a weapon against what many see as evil.
We don't want the cookies and the companies don't want us to not have the cookies. It's going to be interesting to see how this plays out. I make a point of erasing my cookies almost once every two days now. I know that's not a perfect response but it certainly doesn't allow for decent tracking. I tried shutting off the cookies, but the nag messages became too much to deal with. Many sites, like HotMail, won't work unless you have the cookies enabled.
The problem is that I cannot erase a cookie the company writes to their own server. Watch for that soon.
That's that. Thanks for reading, all quarter million of you.
Joe Burns, Ph.D.
And Remember: The Caesar Salad is not named after Julius Caesar as many believe, but rather Caesar Cardini. He was used to seeing the salad at his Tijuana restaurant Caesar's Place. The salad was a local favorite but gained national attention when Mike Romanoff began serving it at his famous Hollywood restaurant.