Re: Microsoft IE cookies readable via about: URLS

From: Thomas Reinke (reinke@e-softinc.com)
Date: Mon Nov 12 2001 - 08:03:30 PST

Next message: Valdis.Kletnieksat_private: "Re: Microsoft IE cookies readable via about: URLS"

Previous message: Clover Andrew: "Re: Microsoft Security Bulletin MS01-055"
In reply to: Oliver Petruzel: "RE: Microsoft IE cookies readable via about: URLS"
Next in thread: Valdis.Kletnieksat_private: "Re: Microsoft IE cookies readable via about: URLS"
Next in thread: Clover Andrew: "Re: Microsoft IE cookies readable via about: URLS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The closest I've seen to this, although it doesn't fit your bill 100%,
are two separate monthly reports called the Cookie Report and
Web Bug report located at 
http://www.securityspace.com/s_survey/data/index.html

Of the two, the Web Bug report is the more interesting - it documents
the occurance of web bugs, which by definition occurs whenever a third
party serves out content as part of a page you visit (think online
advertisers).  The report provides the top 100 "beneficiaries" of
web bugs, which would give you the top 100 domains to block. Note that
this does NOT reveal actual usage of cookies, but since virtually
all advertisers use them, it's a pretty good correlation. All the
big players are immediately visible in this list (Top 5 Count: 
linkexchange.com, bfast.com, extreme-dm.com, hitbox.com,
doubleclick.net).
When "weighted" by traffic, the top 5 are doubleclick.net,
akamaitech.net,
admonitor.net, gamespy.com, interstitialzone.com.

The cookie report gives a some additional statistics on the types
of cookies that are found in the wild (life time, common names, etc.)

Hope this helps,

Thomas

Oliver Petruzel wrote:
> 
> >
> > Jouko Pynnonen <joukoat_private> wrote:
> >
> > > Microsoft Internet Explorer has a vulnerability which allows a
> > > malicious website to access any cookie in the browser's memory or
> ...
> 
> This brings to mind a question:  has anyone collected a list of the most
> revealing KNOWN cookies in the wild?  Is there a resource (site)
> available with a list for me to use in order to perhaps blacklist the
> URL's personally?  I often find myself studying my local cookies and
> have noticed repeat offenders from very popular sites that I avoid now
> because of this; and I believe such a public list would serve as a way
> to prevent cookies from becoming too powerful or revealing.  A cookie
> reporting service possibly.  Anyone with a link for this if it already
> exists or with the energy to compile it yourself, go for it, and plz let
> us know.
> 
> Oliver

-- 
------------------------------------------------------------
Thomas Reinke                            Tel: (905) 331-2260
Director of Technology                   Fax: (905) 331-2504
E-Soft Inc.                         http://www.e-softinc.com
Publishers of SecuritySpace     http://www.securityspace.com

Next message: Valdis.Kletnieksat_private: "Re: Microsoft IE cookies readable via about: URLS"
Previous message: Clover Andrew: "Re: Microsoft Security Bulletin MS01-055"
In reply to: Oliver Petruzel: "RE: Microsoft IE cookies readable via about: URLS"
Next in thread: Valdis.Kletnieksat_private: "Re: Microsoft IE cookies readable via about: URLS"
Next in thread: Clover Andrew: "Re: Microsoft IE cookies readable via about: URLS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Nov 12 2001 - 11:52:03 PST