Tracking Cookies.

I would like to know if anyone knows why the viewer is making use of tracking cookies.

After every virus scan I see several listed threats in the viewers folder. They are named Casalemedia Tracking Cookie.

I googled this name and it turned out to be a company that specialises in.....yes you guessed it advertising.

I for one would like to know why LL aren't making people aware that they are using tracking cookies. This stinks of another corp selling our information for profit. I'm sick and tired of this crap from other companies, and the last place I expected to see it was in Second Life.

If there are any Lindens reading this that can give me an answer (no new speak or corporate rubbish please, plain English will do nicely) and a reason for this, then please feel free to do so.

Cookies aren't stored in the viewer's folder. Whatever they are, they aren't cookies.

It's for the web browser. Web browsers need them. Virus scanner is probably pointing them out because it makes it look like it's doing something important

They are in:

c:\Documents and settings\squiz\Application Data\Secondlife\Browser_Profile\cookies.txt

I know this isn't the viewers exact folder, but I know files are cached there by the viewer and are pretty clearly related to second life. I just want to know why they are even there.

Yes fair enough, just seems a bit iffy to me. Why would an advertising company have tracking cookies in there.

I'm not completely computer illiterate, I know what a cookie is, and I know the difference between a regular cookie and a tracking cookie.

I've not even once used the viewers internal browser, never have. Unless it is somehow embedded into the search. Otherwise this suggests they come pre-installed.

Either way, it would be nice to know that my information is being harvested.

In the case of advertising companies, it's probably to keep track of which ads you've already seen and where you saw them. Information in the cookie is fabricated by the website, not anything the website wouldn't be able to see otherwise, and is private between you and that website. Say you go to a website that has a casalemedia ad unit, when your browser requests the ad from casalemedia's website for the first time, it writes the cookie saying you've seen that ad... then the next time you request an ad from them, the cookie says what you've already seen so they show something else.


If you have parcel media enabled, a parcel may be "playing" websites as well as video, etc.

At least, in theory.

In practice, a number of sites make use of annoying, deliberate cross-site scripting using cookies, assuming users don't pay attention to these things (usually correct). I tend to run browsers in paranoid mode as a matter of course, and those drive me nuts.


I'd recommend a quick read of http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_theft, but really, this is a minor point.

You're quite correct that in 99% of all cases, the cookie is harmless and just there to make A/V tools look like they're doing something. Trust me. I worked in the industry.


------


Really? I'd like to hear your criteria, seeing as there's no technical difference other than usage and which websites you trust. This includes "third party cookies."

As a general suggestion, you can disable cookie use in SL's internal browser via Edit > Preferences > Web > [ ] Accept cookies from sites. Chances are, this will solve the immediate problem.

As for the more general problem of cookie [ab]use, I'd recommend turning cookie use off by default if you're paranoid of such things, then allowing sites you trust to have access.

Plugins like NoScript (Firefox) are also awesome, since they disable a large swath of advertisement Flash and Javascript out of the box.


Oh. And don't forget to turn off your Flash cookies!
http://epic.org/privacy/cookies/flash.html


------

But seriously. Most of this stuff is harmless, unless you want to deprive marketers from their pay.

I do, so I keep this stuff off.

PS: Yes it has. The new Search makes use of the integrated Mozilla browser, and has a Google backend. AKA, Google cookies.


At least, in theory. I haven't gotten that far into the guts of the code to verify.

It uses a Google system, but is nothing to do with Google - it's totally internal to SL.

Have you ever looked at anyone's profile?

There's an option to automatically load the web tab for profiles.

If it's enabled it will load the profile in the web tab even if you don't select the web tab.

Yes, really.

More specifically, they've sublicensed one of Google's search boxes for the task. I know.

But if I made it sound like it was tied to Google's own corporate backend, excuse the error.