Cookie question

Can a 3d party connected to one browser read the cookies in another
browser's cookie jar?

(like IE and FF or FF and the AOL browser that looks a lot like FF.)

wrote:
Can a 3d party connected to one browser read the cookies in another
browser's cookie jar?

(like IE and FF or FF and the AOL browser that looks a lot like FF.)

If you haven't purposefully modified two browsers to "share"
a common profile folder, the answer is "No", they shouldn't
be able to snoop. The software designers were supposed to go
to some degree of effort, to prevent that from happening.

Sometimes this is taken to extremes, when an AV product
keeps a browser in a "sandbox".

*******

Say I go to "able.com" and read a delightful web article.
I look at the bottom of the browser screen, and I see
"googleadservices" flash by.

Later, I go to the "baker.com" site and see an advert for
able.com or see pictures of some product I was interested
in on able.com . I look at the bottom of the screen
and I see "googleadservices" flash by.

Hmmm.

Each time you visit a web page, a metric ton of domains
flash by. Perhaps the domains record their own cookies ?
Perhaps you would select the option that tosses cookies
when you drop a page ? There is "incognito mode" on some
browsers, but I don't know how well any of these techniques
work when the browser pages "leak" from one page to the
next. If particular companies always get to place .js code
on the web pages you visit, I doubt your privacy will
be maintained. And a "Googlean" thing is present on just
about every page you visit.

Sometimes, for fun, I shop for "socks" on Amazon.com . Then
later, if I visit the CNN news site, I will get to enjoy
pictures of "socks" on the right hand margin of the screen.
It's fun to jerk their collective corporate chains :-)

If I were to switch browsers, my "interest in socks" should
not travel with me. As all the involved cookies were
contained in the profile of the first browser. The second
browser I pick up and use, none of the cookies in there
have recorded my interest in Argyle Socks quite yet.

And web companies do not typically use IP addresses for
tracking you, as that's considered an unreliable method
in a "DHCP universe". If it wasn't for that, I could see
them being tempted to do "associations" via IP address.
Then two browsers could see sock adverts, just because
they both came from 1.2.3.4 IP address.

(Click this, to see lots of sock adverts where they don't belong, later :-)
And so on.)

https://www.amazon.com/Mens-Navy-Ora.../dp/B01N52HH3Z

My search history and product view info at Google says
"I have a bizarre taste in socks". And that's what I want
it to say.

Paul

On Sat, 21 Apr 2018 23:11:23 -0400, Paul
wrote:

wrote:
Can a 3d party connected to one browser read the cookies in another
browser's cookie jar?

(like IE and FF or FF and the AOL browser that looks a lot like FF.)

If you haven't purposefully modified two browsers to "share"
a common profile folder, the answer is "No", they shouldn't
be able to snoop. The software designers were supposed to go
to some degree of effort, to prevent that from happening.

Sometimes this is taken to extremes, when an AV product
keeps a browser in a "sandbox".

*******

Say I go to "able.com" and read a delightful web article.
I look at the bottom of the browser screen, and I see
"googleadservices" flash by.

Later, I go to the "baker.com" site and see an advert for
able.com or see pictures of some product I was interested
in on able.com . I look at the bottom of the screen
and I see "googleadservices" flash by.

Hmmm.

Each time you visit a web page, a metric ton of domains
flash by. Perhaps the domains record their own cookies ?
Perhaps you would select the option that tosses cookies
when you drop a page ? There is "incognito mode" on some
browsers, but I don't know how well any of these techniques
work when the browser pages "leak" from one page to the
next. If particular companies always get to place .js code
on the web pages you visit, I doubt your privacy will
be maintained. And a "Googlean" thing is present on just
about every page you visit.

Sometimes, for fun, I shop for "socks" on Amazon.com . Then
later, if I visit the CNN news site, I will get to enjoy
pictures of "socks" on the right hand margin of the screen.
It's fun to jerk their collective corporate chains :-)

If I were to switch browsers, my "interest in socks" should
not travel with me. As all the involved cookies were
contained in the profile of the first browser. The second
browser I pick up and use, none of the cookies in there
have recorded my interest in Argyle Socks quite yet.

And web companies do not typically use IP addresses for
tracking you, as that's considered an unreliable method
in a "DHCP universe". If it wasn't for that, I could see
them being tempted to do "associations" via IP address.
Then two browsers could see sock adverts, just because
they both came from 1.2.3.4 IP address.

(Click this, to see lots of sock adverts where they don't belong, later :-)
And so on.)

https://www.amazon.com/Mens-Navy-Ora.../dp/B01N52HH3Z

My search history and product view info at Google says
"I have a bizarre taste in socks". And that's what I want
it to say.

Paul

I have alarming experiences with facebook that make me think they are
sniffing coolies on my machine. My dog has a page. I am not on it and
I have carefully avoided being there at all but I get pop up ads for
things my wife and I just bought on Amazon. They had to be sniffing a
cookie or something.
I really should get my dog his own computer I guess ;-)

My dog has a page. I am not on it and I have carefully
avoided being there at all but I get pop up ads for things
my wife and I just bought on Amazon.

That probably has got nothing to do about cookies, and everything about how
that company (and others) link "people" together - on *their* servers,
something which you cannot do squat about.

In the worst of circumstances your computer has a static IP. In another
amazon could have used machine fingerprinting, by which they could have
noticed that you and your dog use the very same computer.

In yet another their page uses flash player, and stores the data there
(might well be a cross-browser storage. who knows ...)

Regards,
Rudy Wieser

R.Wieser wrote:
My dog has a page. I am not on it and I have carefully
avoided being there at all but I get pop up ads for things
my wife and I just bought on Amazon.

That probably has got nothing to do about cookies, and everything about how
that company (and others) link "people" together - on *their* servers,
something which you cannot do squat about.

In the worst of circumstances your computer has a static IP. In another
amazon could have used machine fingerprinting, by which they could have
noticed that you and your dog use the very same computer.

In yet another their page uses flash player, and stores the data there
(might well be a cross-browser storage. who knows ...)

Regards,
Rudy Wieser

Adobe Flash has a Control Panel, complete with a Delete option
in it, for dumping flash metadata (cookies).

Paul

In message ,
writes:
On Sat, 21 Apr 2018 23:11:23 -0400, Paul
wrote:
[]
Say I go to "able.com" and read a delightful web article.
I look at the bottom of the browser screen, and I see
"googleadservices" flash by.

Later, I go to the "baker.com" site and see an advert for
able.com or see pictures of some product I was interested
in on able.com . I look at the bottom of the screen
and I see "googleadservices" flash by.

In Firefox, I think you'd only see these flashes if you're using a
version that allows you to use the Status4Ever extension (or a _really_
old version that still has a status bar anyway).
[]
pictures of "socks" on the right hand margin of the screen.
It's fun to jerk their collective corporate chains :-)

When (ITIW: I think it was) Bill Clinton was president, "socks" was
First Cat (in the same way Hillary was First Lady). I don't have any
pictures of socks, but I do have an audio file that purports to be him
(?). (It's a .au file! From 1995.) He (?) doesn't sound at all pleased;
I suspect was prodded, or similar, to make a noise for the recording.

If I were to switch browsers, my "interest in socks" should
not travel with me. As all the involved cookies were
[]
(Click this, to see lots of sock adverts where they don't belong, later :-)
And so on.)

https://www.amazon.com/Mens-Navy-Ora.../dp/B01N52HH3Z

I have, just for fun. I wonder how many of your readers have too - and
whether Amazon have noticed a puzzling spike in interest for them as a
result!

My search history and product view info at Google says
"I have a bizarre taste in socks". And that's what I want
it to say.

Paul

I have alarming experiences with facebook that make me think they are
sniffing coolies on my machine. My dog has a page. I am not on it and
I have carefully avoided being there at all but I get pop up ads for
things my wife and I just bought on Amazon. They had to be sniffing a
cookie or something.

Sniffing cookies does sound appropriate for a dog. Especially if you
put, shall we say, unusual ingredients in your cookies. (Sniffing
coolies I'll leave to others to comment on!)

I really should get my dog his own computer I guess ;-)

In another newsgroup I take, that would trigger a list of suggested
makes - though I can't think of any that are particularly canine.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

"If even one person" arguments allow the perfect to become the enemy of the
good, and thus they tend to cause more harm than good.
- Jimmy Akins quoted by Scott Adams, 2015-5-5

gfretwell wrote:

Can a 3d party connected to one browser read the cookies in another
browser's cookie jar?

(like IE and FF or FF and the AOL browser that looks a lot like FF.)

IE uses text files with extension .txt (changed later to .cookie and
later into a database) in which to save cookies (*). Firefox uses its
own sqlite database.

https://answers.microsoft.com/en-us/...f-dd438fdc20cd

There are tools that can dig into sqlite databases because SQLite is not
created by Mozilla. It is used by many authors, so there are standard
directives that can be issued against the database to create, delete,
change, and query the records in an SQLite database. However, although
the structure within is standardized by SQLite, the contents of the
fields within each record can be any proprietary format. The change to
IE's cookies is new. Even back when they were .txt files for IE, web
browsers didn't bother sharing cookie data. Now that Mozilla has their
database and Microsoft has their database, they would have to employ
forensics to dig into those databases hoping to ferret out some
information. Not worth the effort.

Each web browser has its own DOM Storage, too. They don't share on that
data, either. Cookies had a limitation on size so they couldn't hold a
lot of data. DOM storage is huge by comparision. I think the
difference is like 4K to 4MB.

https://en.wikipedia.org/wiki/Web_storage

On Sun, 22 Apr 2018 08:16:18 +0200, "R.Wieser"
wrote:

My dog has a page. I am not on it and I have carefully
avoided being there at all but I get pop up ads for things
my wife and I just bought on Amazon.

That probably has got nothing to do about cookies, and everything about how
that company (and others) link "people" together - on *their* servers,
something which you cannot do squat about.

In the worst of circumstances your computer has a static IP. In another
amazon could have used machine fingerprinting, by which they could have
noticed that you and your dog use the very same computer.

In yet another their page uses flash player, and stores the data there
(might well be a cross-browser storage. who knows ...)

Regards,
Rudy Wieser


That is not likely since the ad was so specifically targeted at me. It
pretty much had to be something they sniffed off of my PC and it is
not a static IP. I am not really sure how Facebook would find me
otherwise since my dog is the only one in the house on FB and I really
avoid any reference to myself. I even keep my "face" off of Facebook.
(I guessed they were using facial recognition long before they
admitted it) His "friends" are a pretty diverse group, most not
directly tied to me either. He takes friend requests from a lot of
people we don't know, just to increase the clutter in the "network"
and make the valid connections get lost in the grass. When I
downloaded the data they admit to, there was not much there.
My Flash is an old version so it will not run unless I let it (from
the nag screen) and I don't let it run often.

On Sun, 22 Apr 2018 05:50:26 -0400, Paul
wrote:

R.Wieser wrote:
My dog has a page. I am not on it and I have carefully
avoided being there at all but I get pop up ads for things
my wife and I just bought on Amazon.

That probably has got nothing to do about cookies, and everything about how
that company (and others) link "people" together - on *their* servers,
something which you cannot do squat about.

In the worst of circumstances your computer has a static IP. In another
amazon could have used machine fingerprinting, by which they could have
noticed that you and your dog use the very same computer.

In yet another their page uses flash player, and stores the data there
(might well be a cross-browser storage. who knows ...)

Regards,
Rudy Wieser

Adobe Flash has a Control Panel, complete with a Delete option
in it, for dumping flash metadata (cookies).

Paul

Actually the more I think about it, Flash might be the leak. If they
can see the meta data without actually clicking the "allow" button
using an older version, that would do it because I am sure Amazon uses
Flash.

On Sun, 22 Apr 2018 12:08:20 -0400, wrote:

That is not likely since the ad was so specifically targeted at me. It
pretty much had to be something they sniffed off of my PC and it is
not a static IP. I am not really sure how Facebook would find me
otherwise since my dog is the only one in the house on FB and I really
avoid any reference to myself. I even keep my "face" off of Facebook.
(I guessed they were using facial recognition long before they
admitted it) His "friends" are a pretty diverse group, most not
directly tied to me either. He takes friend requests from a lot of
people we don't know, just to increase the clutter in the "network"
and make the valid connections get lost in the grass. When I
downloaded the data they admit to, there was not much there.
My Flash is an old version so it will not run unless I let it (from
the nag screen) and I don't let it run often.

Even if your IP is dynamic, Facebook tracks you by IP address, most of the
time. Dynamic IP doesn't mean that every network request will be done using
a different IP. There are time when you'll stay using an IP for a duration
of time (which can be hours or days). That duration of time is enough for
you to be tracked.

Each time you access your FB account, FB will remember the IP address used.
Whenever you go to a different site which support social crap, your browser
will load scripts from FB site in order to provide FB "Like" button, provide
account login using FB account, or create a new account using FB account.
The act of loading the those FB scripts basically tells FB that you've
visited that site. FB will know what that site is all about, and adjust
their ads.