Cookies don't behave that way. They are not a security risk. They only allow websites to lookup data which was already sent you from the same site. Your example simply doesn't work.
On Amazon, when I log in, they send me a cookie with an ID string. When the page loads, they get back that ID string and nothing more. They use that ID string to lookup my information from their existing database - data I provided them when I created my account - and get my name Thom McGrath. Web browsers do not and generally cannot provide personal information to web sites. Cookies are very, very, very, very, very rarely a security risk. I can't even provide personal information to Amazon, and have site x look it up later. The reason cookies are believed to be a security risk is simple. They are typically stored in a text file on your computer. It is very easy for a malicious program to look up your Amazon cookies and use that to log in. But Amazon, and most sites, are not stupid enough to allow this to actually work. It was an easy trick years ago, which is why cookies got a bad rap, but these days it would be pointless. I cannot stress this enough: Cookies themselves are in no way a security risk. Amazon affiliates know who I am because of that Amazon cookie, but the page itself does not get access to the cookie. Only amazon's site does. This works using iframes, where the amazon page is actually loaded separately and included inline with the page. The website you're visiting *never* actually gets the data loaded by that "donate" box or whatever it may be. It's almost identical to opening a separate browser window, removing the toolbars, and positioning it in place. -- Thom McGrath, <http://www.thezaz.com/> "You don't need eyes to see, you need vision" - Maxi Jazz in "Reverence" by Faithless On Apr 29, 2007, at 8:56 PM, Andy Dent wrote: > nope, it can be done through cookies. > > not sure of entire details but something along the lines of > - site X sets cookie GotchaMate, being part of a group that harvests > email addresses > - site Y sees you have cookie GotchaMate, uses it to index your > details from group database > > There are probably more subtle variations on the theme. > > Amazon affiliates use something similar but in their case will have a > "how do I know you're Thom McGrath button?" visible. _______________________________________________ Unsubscribe or switch delivery mode: <http://www.realsoftware.com/support/listmanager/> Search the archives: <http://support.realsoftware.com/listarchives/lists.html>
