Just the facts
     
Title: Cookies - Making them Work for YOU - More Securely
Description:
CyTRAP LABs ID: CT210003
Date: 2005-05-16
Systems affected:
Version number: 1.0
ISSN: 1603-9866
Verify tip: http://casescontact.org/tips/210003
Risk assessment: Moderate
Impact/Severity: High
 


 

What's up?

Real life scenario - What is the threat or vulnerability?

Imagine visiting a friend and having to remind him every time that you neither drink alcohol nor smoke.

Similarly, your customer profile may tell the airline that you prefer an aisle seat when you purchase a ticket.

Instead of repeating this information to the customer service agent each time, the frequent flyer number and the profile attached to it tell the agent, so he or she does not have to ask every time you purchase a ticket.

Internet & PC scenario - What is a Cookie?

When you visit a website, general information about your computer is generally revealed, such as:

  • your IP address,

  • the domain you use to connect to the Internet (e.g., co.uk, Web.de or bluewin.ch), and

  • the browser you use.

A cookie goes further. It is a small piece of text that the site asks your browser to store (sent in a Set-Cookie response header) and that the browser sends back with every later request to that site. Your favorite e-commerce site, where you purchase regularly, uses it so that 'your personalised webpage' comes up when you visit: the cookie stored on your computer tells the site your personal preferences for viewing it, thereby saving you time.

     
     

    Problem & Solution
         
    What does it mean to me? Am I vulnerable?  

    As the above suggests, cookies are common elements that make surfing easier, but they may also pose hidden risks, whether they are set by pages in your browser or by HTML e-mail opened in your favorite email program.

    Cookies come in two forms:

    The first is a so-called persistent cookie. It carries an expiry date (an Expires or Max-Age attribute), so it survives closing the browser and retains your preferences for this particular site. Hence your personalized home page appears when you visit your favorite online news site. You can remove this kind of cookie through the browser or with an anti-spyware program if you wish.

    The second type is a session cookie. It has no expiry date and stores information only as long as you are using the browser; once you close the browser, the cookie is discarded. Here the cookie helps with navigation, such as indicating whether you have visited a page already or retaining your preferences during the visit.

    A) The threat is that third parties can collect personal information about you (e.g., which sites you visit, your preferences, and so on). A cookie set by an advertising or tracking host that is embedded in many sites is sent back to that host from every one of them, which is how a single profile of your surfing is built across sites.

    B) The vulnerability is that a web site using cookies may be able to collect even more information, such as your browsing patterns, including the sites you have visited. If the site is malicious, its pages (not the cookie itself, which is only data) may attack the browser, putting the files on your computer at risk, as well as the passwords the browser holds in memory.

    C) The impact could be that the information at risk is exploited by others (e.g., someone who obtains your session cookie can log into your favorite Web sites pretending to be you), or that information on the computer is damaged.

         
    If I fix the problem - will it help me?

    One cannot really fix the problem per se, because disallowing cookies altogether makes browsing somewhat cumbersome. However, one can change the options as explained just below.
         
    How can one describe the solution?

    To increase your level of security, adjust the privacy and security settings of your web browser to block or limit cookies, as follows:

    1) In Internet Explorer go to Tools, then Internet Options (in Firefox/Mozilla: Tools, then Options).

    2) Click on Privacy and change the cookie acceptance level, e.g., do not accept third-party cookies (in Internet Explorer, move the slider on the vertical bar upwards; in Firefox, choose to keep cookies only until you close Firefox).

    3) Click on General, then on Delete Cookies, to get rid of all cookies stored on the machine right now (in Firefox, click Privacy, look through the options and choose what you want to delete; simplest is to click Clear All).

    Does Microsoft offer me a solution?

    There is no specific option in the Windows OS itself; the browser settings suggested above are what is available.
         


    What is the solution to this problem?

    Tip 1   To increase your level of security, besides restricting cookies as suggested above, also do the following:

    1) choose to allow cookies only for the web site you are visiting (this makes sure that other sites are not collecting personal information about you without your knowledge),

    2) block or limit cookies from third parties, and

    3) if you are using a public computer, FIRST make sure that cookies are disabled, to prevent other people from accessing or using your personal information, and SECOND close the web browser before leaving the computer.
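    To make the distinction between session and persistent cookies described above, and the effect of items 1 and 2 of Tip 1, concrete, here is an added example in JavaScript. It is not code from this tip nor from any browser vendor: CookieJar, the hosts news.example, shop.example and ads.tracker.example, and the Set-Cookie lines are constructed for the illustration, and the rule that a "site" is the last two labels of a host name is a simplification of what browsers do with the public suffix list.

```javascript
// Added example, not code from the page or from any browser vendor: a miniature
// cookie jar that behaves the way this tip describes. CookieJar, the host names
// and the Set-Cookie lines below are constructed for the illustration.

// Parse one Set-Cookie header value. Only Expires, Max-Age and Domain are
// interpreted here; a cookie without Expires/Max-Age is a session cookie.
function parseSetCookie(header, host, now) {
  const parts = header.split(";").map((p) => p.trim()).filter(Boolean);
  const eq = parts[0].indexOf("=");
  if (eq <= 0) return null; // no cookie name
  const cookie = {
    name: parts[0].slice(0, eq).trim(),
    value: parts[0].slice(eq + 1).trim(),
    domain: host.toLowerCase(), // host-only unless a Domain attribute is present
    expires: null, // null = session cookie, discarded when the browser closes
  };
  let maxAge = null, expires = null;
  for (const attr of parts.slice(1)) {
    const [key, ...rest] = attr.split("=");
    const value = rest.join("=").trim();
    switch (key.trim().toLowerCase()) {
      case "max-age": maxAge = Number(value); break;
      case "expires": expires = Date.parse(value); break;
      case "domain": cookie.domain = value.replace(/^\./, "").toLowerCase(); break;
    }
  }
  // Max-Age takes precedence over Expires when both are present (RFC 6265, 5.3)
  if (Number.isInteger(maxAge)) cookie.expires = now + maxAge * 1000;
  else if (expires !== null && !Number.isNaN(expires)) cookie.expires = expires;
  return cookie;
}

// "Site" = the last two labels of a host name. Real browsers consult the public
// suffix list so that, e.g., co.uk is not one site; the shortcut is enough here.
function siteOf(host) {
  return host.toLowerCase().split(".").slice(-2).join(".");
}

function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

class CookieJar {
  constructor({ blockThirdParty = false } = {}) {
    this.blockThirdParty = blockThirdParty; // the "do not accept third-party cookies" setting
    this.cookies = [];
  }

  // `host` sent the Set-Cookie header; `topLevelHost` is the site in the address bar.
  // The cookie is third-party when the two are different sites (Tip 1, items 1 and 2).
  store(header, host, topLevelHost, now = Date.now()) {
    if (this.blockThirdParty && siteOf(host) !== siteOf(topLevelHost)) return false;
    const cookie = parseSetCookie(header, host, now);
    if (!cookie) return false;
    // a new cookie with the same name and domain replaces the old one
    this.cookies = this.cookies.filter((c) => !(c.name === cookie.name && c.domain === cookie.domain));
    if (cookie.expires !== null && cookie.expires <= now) return false; // already expired: a deletion
    this.cookies.push(cookie);
    return true;
  }

  // Build the Cookie request header for a request to `host` made by a page on `topLevelHost`.
  cookieHeader(host, topLevelHost, now = Date.now()) {
    if (this.blockThirdParty && siteOf(host) !== siteOf(topLevelHost)) return "";
    return this.cookies
      .filter((c) => domainMatches(host.toLowerCase(), c.domain))
      .filter((c) => c.expires === null || c.expires > now)
      .map((c) => `${c.name}=${c.value}`)
      .join("; ");
  }

  closeBrowser() {
    this.cookies = this.cookies.filter((c) => c.expires !== null); // session cookies vanish
  }
}

// The scenario from the text, with constructed hosts and timestamps.
function demo() {
  const t0 = Date.parse("2005-05-16T10:00:00Z");
  const tracker = "uid=tracker-42; Expires=Sun, 16 May 2010 10:00:00 GMT";
  const strict = new CookieJar({ blockThirdParty: true });
  // the news site you are visiting sets one persistent preference cookie and one session cookie
  strict.store("layout=compact; Max-Age=31536000; Path=/", "news.example", "news.example", t0);
  strict.store("sid=abc123; Path=/", "news.example", "news.example", t0);
  // an ad network embedded in that page tries to set a tracking cookie: refused
  const adAccepted = strict.store(tracker, "ads.tracker.example", "news.example", t0);
  const beforeClose = strict.cookieHeader("news.example", "news.example", t0 + 1000);
  strict.closeBrowser();
  const afterClose = strict.cookieHeader("news.example", "news.example", t0 + 2000);
  // with third-party cookies allowed, the tracker gets its cookie back from a different site
  const lax = new CookieJar();
  lax.store(tracker, "ads.tracker.example", "news.example", t0);
  const seenFromShop = lax.cookieHeader("ads.tracker.example", "shop.example", t0 + 1000);
  return { adAccepted, beforeClose, afterClose, seenFromShop };
}
```

    Run it with node and call demo(): under the third-party block the tracker's cookie is refused; the session cookie sid disappears on closeBrowser() while the persistent layout cookie survives; and in the permissive jar the same tracker cookie is sent back from a second site, which is exactly the cross-site profiling the threat paragraph describes.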
         
    Tip 2   Reduce Your Risks and Remember This

    a) Limit use of cookies and applets to those few sites that provide services you need.

    b) Set your browser to delete cookies regularly.

    c) Do not assume a Web site is what it claims to be unless you have typed in the URL yourself.

    d) Make sure the address bar shows the exact address, not a near-miss.
         
    Tip 3   More Security - Check your PC for Spyware

    Besides emptying your cache and removing cookies (see "How can one describe the solution?" above), you should also scan your PC for spyware. Cookies as such are not spyware, but cookies used to track you are commonly treated as such by anti-spyware tools. The CASEScontact tip on spyware provides you with free tools to remove spyware and unwanted cookies; please visit:

    http://casescontact.org/tips/210002
     


    Take another 2 minutes - More tricks to safeguard your information better
         
    Tidbit 1   E-Bay Users - Watch Out

    1) Don't walk away while logged in. Many web sites (eBay, for example) let you log in and then keep you logged in with a persistent cookie, so that if you close the browser and reopen it you do not have to log on again. If you just close the browser and walk away, the next user (who may have been watching while you were surfing) can pick up where you left off. Be especially careful with a Microsoft Passport account as well, since it can also be persistent.

       
    Tidbit 2   Surfing at an Internet Cafe, the Public Library, a Terminal at the Hotel, or any Terminal Accessible to Others - Watch Out

    A) If you use a public terminal (e.g., Internet cafe) with a Windows XP installation, it may ask whether you want to associate your Passport account with the Windows XP account. Be sure to say "no" (we repeat, SAY "NO") if you get this prompt, or you will be giving your Passport account to everyone who uses that machine.

    B) Normal surfing leaves an electronic trail of temporary files, cookies and a history of where you have been. When you are done surfing, if you are using Internet Explorer:

  • click on Tools, then Internet Options,
  • on the General tab, click on Delete Cookies and on Delete Files (and be sure the offline content box is checked), and
  • click on Clear History.

    C) If you downloaded any documents, delete them as well. If you edited any documents, clear the "recently used documents" list. To do this on Windows XP:

  • right-click on the taskbar at the bottom of the screen,
  • select Properties,
  • select the Start Menu tab,
  • click on Customize, then Advanced, and
  • on the Advanced tab, click on the Clear List button for Recent Documents.

       
    Tidbit 3   Restrict Pop-Up Windows and Cookies

    Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within your browser can reduce or even prevent scripting or active content; in turn, the number of pop-up windows that appear will be reduced.

    Some browsers offer a specific option to block or limit pop-up windows.

    Accessing Web-based E-Mail Accounts

    When connecting to a Web-based mail account from a cybercafé (e.g., Yahoo!, gmx.de, Web.de, gmail.com, Bluewin.ch), proceed as follows:

    1) Start Microsoft Notepad, Word or any word processing program installed and type your

  • user name and
  • password, then
  • copy the user name AND the password (Control C) and paste them into the appropriate fields (Control V) when logging into your web-based e-mail account.

    The above procedure prevents a simple keylogger or password-stealer program, which records keystrokes, from grabbing your user name and password when you log on from such a public terminal. The same logic applies when you log into a web site from your own computer, if that computer is infected. Two caveats: do not save the scratch document (and beware of word processors that save automatically), and note that spyware which reads the clipboard or records the screen still captures the password, so this trick is no substitute for keeping sensitive accounts off untrusted terminals. Check the spyware link above to see whether you have a keylogger installed on your computer.

    2) Refuse the option the browser may pop up to save the password.

    3) Use the site's log-off option (disconnect or close session); this prevents the next user at the cybercafé from accessing your account.

    4) Exit the browser and open it again before leaving the computer to the next user.

    These precautions matter because most mail systems use cookies to keep the session open while the user goes back and forth between Web pages, so that user names and passwords do not have to be requested constantly. The cookie stores a value that means "open" to the server for the current session and user; it is the only thing that identifies you on each request, so if the session is not disconnected, anyone who sends that cookie can use it.

    This is especially dangerous in cybercafés, where several different users continuously work on the same computer, one after another.

       
    Watch out   Certain types of cookies are sometimes considered spyware because they reveal which web pages you have visited. You can adjust your privacy settings as follows:

  • Firefox: click on Tools, Options, Privacy, then use Clear All; also click on Web Features and tick Block pop-up Windows.

  • Microsoft Internet Explorer: go to Tools, Internet Options, Privacy; block pop-up windows, set the privacy level higher, etc. This will only allow cookies for the web site you are visiting (see also above for further suggestions).



    Administrative
         
    Author   Urs E. Gattiker - CyTRAP Labs
         
    Revisions
  • 1.0 - 2005-05-16 - First Version

    Contact details   Web: http://CASEScontact.org
    E-mail: support01@CASEScontact.org
    Tel: +41(0)76-200-7778 or +44(0)70-9237-6036
    Fax: +44(0)70-9237-6036, dial 3 to send fax
     

    --END of ADVISORY - Important Info Below--
     
    We recommend that you VERIFY ALL ADVISORIES you receive IMMEDIATELY, by clicking on the link provided at the top of this alert.

    NO WARRANTY
    Any material furnished by CASEScontact.org is furnished on an 'as is' basis. CASEScontact.org, writers & sponsors make no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material.




    CASES writers & sponsors do not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
    Full DISCLAIMER notice at: http://www.casescontact.org/terms.php

    UNSUBSCRIBE
    If you no longer wish to receive this TIP ADVISORY, please Unsubscribe at:
    http://www.casescontact.org/unsubscribe.php

    QUESTIONS, comments, ideas? Cheer us up at: Tips-Comments at CASEScontact.org

    CASEScontact.org -- Threat Alerts and Security Notices --clear and precise, no compromise -
    --currently hosted by Flashcable

    -- END of TIP & Tricks ADVISORY--
    Copyright (c) 2007 by CyTRAP labs - Urs E. Gattiker. All rights reserved.