Results 1 to 6 of 6
  1. #1
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,403
    I have been asking me how the parasites would be able to overwrite my cookies and I probably found a matching answer. They can not. But what they can is to read the web-bugs coming along with the affiliate code ( 1x1 pixel pictures)and they can upload their web-bugs together with a their cookies if they have found my webbugs on the PC of the user. That would mean, if we eleminate the web-bugs out of the code, we perhaps can avoid that all, and tracking should not be affected.

    carneol

  2. #2
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    carneol,

    That is not how parasites work at all. The 1 x 1 pixel has no impact whatsoever in how they function and removing them will not effect their ability to autoredirect your links! Please don't go and remove your 1 x 1's. This will offer no protection whatsoever and will only give some merchant's who want to be sticklers a reason to potentially not pay you on commissions because you altered the approved code!

    I'm about to head out for a couple of days. I would suggest you do some searching in the Parasiteware forum and you should find some good info on exactly how the different parasites function. If you are still unclear, please drop me a PM and I will more more than happy to explain their functioning as soon as I return.

    I would encourage any on the board who are still unclear exactly how the different software in question operates to educate themselves. Understanding exactly how the programs operate is an important step in being to make educated decisions regarding different solutions in the fight towards protecting your livlihood.

    Keep Your Hands Off My Cookies

  3. #3
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,403
    I found that on this issue:

    ....That's it. You can defeat the cookie by disabling cookies in your browser or otherwise filtering them with a third-party product or service, but the loading of the image will still be recorded, thus logging your visit. The data recorded will show the date, time and IP address like this:

    [2003-01-22 10:47:02] xxx.xxx.108.7

    Is that a big deal? Maybe. That's up to you. The only ways we know of defeating them is to turn off the loading of images in your browser, which is pretty severe (but a good way to get Web pages to load quickly if all you want is the text information anyway), or to use a proxy filter of some kind that prevents the loading of any files (cookies, images, scripts, etc.) from a domain other than the one you are visiting.
    ============================================
    and I found that on peacefire.org:

    (Internet Explorer "Open Cookie Jar"
    Cookies stored by IE for Windows can be read by any Web site )


    How it works
    Using a specially constructed URL, a Web site can read Internet Explorer cookies set from any domain. For example, to read a user's Amazon.com cookie, a site could direct the user's browser to:
    http://www.peacefire.org%2fsecurity%...%3F.amazon.com
    If you replace the "%2f"'s with "/" characters, and the "%3F" with "?", this URL is actually:
    http://www.peacefire.org/security/ie...ml?.amazon.com
    But IE gets confused and thinks the page is located in the Amazon.com domain, so it allows the page to read the user's Amazon.com cookie.

    Affected:
    Internet Explorer (all known versions) for Windows 95, 98, NT, and 2000. IE for the Macintosh does not appear to be affected. Users have reported that IE versions for Solaris and HP/UX are vulnerable, but IE's browser share on UNIX platforms is much lower. No version of Netscape Navigator or any browser other than Internet Explorer appears to be vulnerable.

    Workaround:
    As of 5/18/2000, Microsoft has released a patch that fixes this problem:
    http://www.microsoft.com/technet/sec...n/ms00-033.asp
    If you do not want to download the patch, the safest workaround is to disable cookies. You can do this by going to
    Tools->Internet Options->Security
    and click the button to customize security settings, and set cookies to "disable". (Note that this will cause some sites such as HotMail to break.) Also, if you have Netscape's browser installed, it is not affected by the bug.
    Implications

    Jamie McCarthy came up with a list of cookies set by various sites that could be used to retrieve sensitive information:

    By intercepting a cookie set by HotMail, Yahoo Mail or any other free Web-based email sites that use cookies for authentication, the operator of a hostile Web site could break into a visitor's HotMail account and read the contents of their Inbox. (HotMail cookies do not contain user passwords, but they do allow a third party to access a user's HotMail account for as long as that user stays logged in, since each separate login generates a new cookie.)
    A user's Amazon.com cookie could be used to visit Amazon.com impersonating that user, and access their real name, email address, and the user's list of "recommended titles" -- which can be used to determine what types of books or CD's the user has purchased from Amazon in the past. (You cannot, however, access the user's credit card number or their actual list of previous Amazon.com orders, since accessing this information requires a password that is not contained in the cookie.)
    A user's MP3.com cookie stores their email address.
    A user's NYTimes.com cookie stores their NYTimes.com password. This isn't useful by itself, since the password is only needed to browse articles on NYTimes.com, but exposing this password is still dangerous since users might have the same password set up for several different sites.
    A user's Hollywood.com cookie stores their city, state, and zip code.
    A user's Playboy.com cookie stores the fact that the user has visited Playboy.com -- which not every Playboy visitor would want the whole world to know. (Yeah, we know, you just wanted to read the Jesse Ventura interview.)
    A user's Zip2.com cookie can be used to access the user's home address.

  4. #4
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    Yes, I understand how cookies work. The article you posted, although discussing cookies, is not discussing the parasite issue per se. You can turn off your cookies to 3rd parties and yes the parasite will not receive a commission. This is true. But that is just on your computer. You can try to get your visitors to disable their cookie acceptance to 3rd parties also. And yes, the parasite will not get a commission. But neither will you on any of your links or from any of the your visitors who do not have parasiteware installed on their computer. Also once they change it, they are not likely to go back and reset to accept cookies again. Therefore any other affiliate site they visit in the future will also not receive their commission. There are plenty of software programs that will do this for people automatically. We are as concerned about those as we are with parasites because they potentially effect our revenue.

    Heading out the door now. But again, I recommend that the best way to try and arrive at a solution is by understanding how the software works. My offer still stands.

    I'm not just trying to shoot you down ideas. I'm glad to see you thinking and looking for solutions. That's what we need as a community.

    Keep Your Hands Off My Cookies

  5. #5
    ABW Ambassador affiliatemakeover's Avatar
    Join Date
    January 18th, 2005
    Location
    Cleveland, OH
    Posts
    821
    Maybe someone can answer this question.

    Can a parasite affect a co-branded store like this example:

    Name of brand offering store: MStore.com
    My store name: AM.MStore.com

    So, any purchases made through my store at my AM.MSstore.com domain are credited to me.

    So how can a parasite tap into that since I'm not actually using network code?

    "I want to make you more money with a professional and low cost web design. Let's chat."

  6. #6
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,403
    If you have a store and are selling products through your store no parasite can ever damage you. This is only possible if you use network code, and then only if ebates is also affiliated with this merchant through e.g. cj.com. This is how I understand it.

    carneol

  7. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Fight parasites with parasites?
    By leeann in forum Programming / Datafeeds / Tools
    Replies: 10
    Last Post: July 10th, 2005, 04:44 PM
  2. Work and work... Work your fingers to the bone!
    By jc101 in forum Newbie Affiliate FAQs & Helpful Articles
    Replies: 4
    Last Post: February 15th, 2004, 06:00 PM
  3. Replies: 8
    Last Post: December 16th, 2003, 09:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •