Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

NSA Web Site Places 'Cookies' on Computers
Excite News ^ | 29 December 2005 | ANICK JESDANUN

Posted on 12/29/2005 8:00:16 AM PST by ShadowAce

NEW YORK (AP) - The National Security Agency's Internet site has been placing files on visitors' computers that can track their Web surfing activity despite strict federal rules banning most of them.

These files, known as "cookies," disappeared after a privacy activist complained and The Associated Press made inquiries this week, and agency officials acknowledged Wednesday they had made a mistake. Nonetheless, the issue raises questions about privacy at a spy agency already on the defensive amid reports of a secretive eavesdropping program in the United States.

"Considering the surveillance power the NSA has, cookies are not exactly a major concern," said Ari Schwartz, associate director at the Center for Democracy and Technology, a privacy advocacy group in Washington, D.C. "But it does show a general lack of understanding about privacy rules when they are not even following the government's very basic rules for Web privacy."

Until Tuesday, the NSA site created two cookie files that do not expire until 2035 - likely beyond the life of any computer in use today.

Don Weber, an NSA spokesman, said in a statement Wednesday that the cookie use resulted from a recent software upgrade. Normally, the site uses temporary, permissible cookies that are automatically deleted when users close their Web browsers, he said, but the software in use shipped with persistent cookies already on.

"After being tipped to the issue, we immediately disabled the cookies," he said.

Cookies are widely used at commercial Web sites and can make Internet browsing more convenient by letting sites remember user preferences. For instance, visitors would not have to repeatedly enter passwords at sites that require them.

But privacy advocates complain that cookies can also track Web surfing, even if no personal information is actually collected.

In a 2003 memo, the White House's Office of Management and Budget prohibits federal agencies from using persistent cookies - those that aren't automatically deleted right away - unless there is a "compelling need."

A senior official must sign off on any such use, and an agency that uses them must disclose and detail their use in its privacy policy.

Peter Swire, a Clinton administration official who had drafted an earlier version of the cookie guidelines, said clear notice is a must, and 'vague assertions of national security, such as exist in the NSA policy, are not sufficient."

Daniel Brandt, a privacy activist who discovered the NSA cookies, said mistakes happen, "but in any case, it's illegal. The (guideline) doesn't say anything about doing it accidentally."

The Bush administration has come under fire recently over reports it authorized NSA to secretly spy on e-mail and phone calls without court orders.

Since The New York Times disclosed the domestic spying program earlier this month, President Bush has stressed that his executive order allowing the eavesdropping was limited to people with known links to al-Qaida.

But on its Web site Friday, the Times reported that the NSA, with help from American telecommunications companies, obtained broader access to streams of domestic and international communications.

The NSA's cookie use is unrelated, and Weber said it was strictly to improve the surfing experience "and not to collect personal user data."

Richard M. Smith, a security consultant in Cambridge, Mass., questions whether persistent cookies would even be of much use to the NSA. They are great for news and other sites with repeat visitors, he said, but the NSA's site does not appear to have enough fresh content to warrant more than occasional visits.

The government first issued strict rules on cookies in 2000 after disclosures that the White House drug policy office had used the technology to track computer users viewing its online anti-drug advertising. Even a year later, a congressional study found 300 cookies still on the Web sites of 23 agencies.

In 2002, the CIA removed cookies it had inadvertently placed at one of its sites after Brandt called it to the agency's attention.


TOPICS: Constitution/Conservatism; Culture/Society; Government; Technical
KEYWORDS: cookies; notagain; nsa; website
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-8081-82 next last
To: TigersEye

None of my websites do.


41 posted on 12/29/2005 9:01:17 AM PST by ASA Vet (Those who know don't talk, those who talk don't know.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: antiRepublicrat
Big deal over nothing. Yes, government policy says not to do it, but anyone who has ever done server config knows that things can get turned back on automatically, especially in the Microsoft world. Mistakes happen, they fixed it. Forget it.

Too bad it wasnt Microsoft...its a Sun os. ;) Sun and their evil ways... lol

42 posted on 12/29/2005 9:01:21 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 24 | View Replies]

To: ASA Vet
None of my websites do.

If your websites dont have cookies...then it doesnt do anything cool to necessitate them. ;)

43 posted on 12/29/2005 9:02:08 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 41 | View Replies]

To: smith288

Hmmmm?? Then why are there cookies from JCPenney on my computer when I haven't been to their website ..??


44 posted on 12/29/2005 9:03:38 AM PST by CyberAnt ( I believe Congressman Curt Weldon re Able Danger)
[ Post Reply | Private Reply | To 34 | View Replies]

To: CyberAnt

Umm... you may not have known it but websites have frames and other jazzy things going on. An iframe could have placed it when you were at some other marketplace.

Advertisements are famous for their iframes and such.


45 posted on 12/29/2005 9:05:19 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 44 | View Replies]

To: smith288

But none of the sites I went to had any connection to JCPenney .. but I suppose that may not matter ..??

But .. some days I don't go to any websites - I'm busy working on Word or Excel - then what .. where do the cookies come from then - because I check it everyday before I turn off my computer.


46 posted on 12/29/2005 9:09:34 AM PST by CyberAnt ( I believe Congressman Curt Weldon re Able Danger)
[ Post Reply | Private Reply | To 45 | View Replies]

To: smith288

I haven't been "cool" since I was a teenager 40 years ago.


47 posted on 12/29/2005 9:13:49 AM PST by ASA Vet (Those who know don't talk, those who talk don't know.)
[ Post Reply | Private Reply | To 43 | View Replies]

To: ShadowAce
NSA Web Site Places 'Cookies' on Computers

Big deal The MSM Web Site's have been placings 'Crockies' on Computers for years

48 posted on 12/29/2005 9:15:12 AM PST by tophat9000 (lose 3000 in an hour and you want to fight, lose 2000 in 2 years and you want to run !???)
[ Post Reply | Private Reply | To 1 | View Replies]

To: smith288
Too bad it wasnt Microsoft...its a Sun os. ;) Sun and their evil ways... lol

The NSA has been running IIS for a while. And it seems a bit stupid to run Sun in the back and use IIS as a proxy.

49 posted on 12/29/2005 9:17:26 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 42 | View Replies]

To: CyberAnt
But .. some days I don't go to any websites - I'm busy working on Word or Excel - then what .. where do the cookies come from then - because I check it everyday before I turn off my computer.

Im a professional web developer, Im just telling you how cookies work. They arent set by emails unless you use an online email service such as Yahoo or hotmail and use your web browser to view them. Then the advertisements could set cookies.

If you have cookies popping up on your computer without EVER using the internet, you might want to run a scan using microsofts anti-spyware utility (works fantastic regardless of what haters say). Cookies dont just pop up out of nowhere and cant be set in an email client like outlook (unless you have security set to nonexistent).

50 posted on 12/29/2005 9:18:27 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 46 | View Replies]

To: antiRepublicrat
The NSA has been running IIS for a while. And it seems a bit stupid to run Sun in the back and use IIS as a proxy.

The session cookie being set is a JSESSION cookie which is a java language sun web server cookie. Just sayin.

51 posted on 12/29/2005 9:19:32 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 49 | View Replies]

To: ASA Vet
I haven't been "cool" since I was a teenager 40 years ago.

You dont have to be cool to offer something cool. :D Im a glowing model of that! lol

52 posted on 12/29/2005 9:20:49 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 47 | View Replies]

To: conservativecorner

I run ad-aware every day. 20-40 are removed every time.


53 posted on 12/29/2005 9:21:20 AM PST by R. Scott (Humanity i love you because when you're hard up you pawn your Intelligence to buy a drink.)
[ Post Reply | Private Reply | To 16 | View Replies]

Comment #54 Removed by Moderator

To: smith288
The session cookie being set is a JSESSION cookie which is a java language sun web server cookie. Just sayin.

They're running Cold Fusion, which runs off of the Java platform, in this case on Windows. I'm betting what they did is upgrade Cold Fusion, and the new install turned cookies on.

55 posted on 12/29/2005 9:35:56 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 51 | View Replies]

To: antiRepublicrat
They're running Cold Fusion, which runs off of the Java platform, in this case on Windows. I'm betting what they did is upgrade Cold Fusion, and the new install turned cookies on.

Ah...im an ASP.net man myself which leads me to the ignorance of which platform they are using exactly. Thanks. I knew it was java of some sort. Do you have some intimate knowledge of their web dept or something?

56 posted on 12/29/2005 9:37:18 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 55 | View Replies]

To: ShadowAce

I'm more concerned about the cookies placed by any member of the MSM like the NY Slimes if I stray into their site.

Twice a day, I use SBC/Yahoo's new cookie spotter and remove all new cookies. My computer runs much better.

The worse offender was AOL going back years when I was an AOL customer and used their so called free cds for AOL updates. Lets see AOL is owned by Time Warner which also ownes Slime Pseudo News and CNN.


57 posted on 12/29/2005 9:39:54 AM PST by Grampa Dave (The NY Slimes has been committing treason and sedition for decades.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: quefstar
However US Government websites are forebidden to do so by statute. Ah, hell one more rule to be overlooked.

What we have here is a simple oops being amplified by a moronic vulture like press pouncing on deadend stories in hopes of catching the evil Bush govt red handed.

That statute is somewhat illogical however. Cookies are largely harmless and can serve a fine purpose. To limit a web site from using them limits the user's possible experience (if they desire to have one of course).

58 posted on 12/29/2005 9:42:01 AM PST by smith288 (Peace at all cost makes for tyranny free of charge...)
[ Post Reply | Private Reply | To 54 | View Replies]

To: Ernest_at_the_Beach; little jeremiah; EdReform; PhilDragoo; devolve; Liz; BOBTHENAILER

This creep pseudo writer spends most of its time penning articles pushing the Gay agenda.

What a surprise! Below is the link of Anick Jesdanun + Gay:

http://search.yahoo.com/bin/search?fr=ybr_sbc&p=ANICK%20JESDANUN%20Gay


59 posted on 12/29/2005 9:42:59 AM PST by Grampa Dave (The NY Slimes has been committing treason and sedition for decades.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: TomGuy

Didn't they change the cookie monster to the brocolli monster or some PC silly thing like that?


60 posted on 12/29/2005 9:45:13 AM PST by Always Right
[ Post Reply | Private Reply | To 12 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-8081-82 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson