• Menu
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Before Header

  • About Us
  • Lexicon
  • Contact Us
  • Our Store
  • ↑
  • ↓
  • ←
  • →

Balloon Juice

Come for the politics, stay for the snark.

Shallow, uninformed, and lacking identity

I’m more christian than these people and i’m an atheist.

The current Supreme Court is a dangerous, rogue court.

Rupert, come get your orange boy, you petrified old dinosaur turd.

Do not shrug your shoulders and accept the normalization of untruths.

Republicans cannot even be trusted with their own money.

An almost top 10,000 blog!

If rights aren’t universal, they are privilege, not rights.

How any woman could possibly vote for this smug smarmy piece of misogynistic crap is beyond understanding.

You are so fucked. Still, I wish you the best of luck.

Within six months Twitter will be fully self-driving.

When someone says they “love freedom”, rest assured they don’t mean yours.

These are not very smart people, and things got out of hand.

The words do not have to be perfect.

Every decision we make has lots of baggage with it, known or unknown.

People really shouldn’t expect the government to help after they watched the GOP drown it in a bathtub.

Tide comes in. Tide goes out. You can’t explain that.

“Everybody’s entitled to be an idiot.”

“A king is only a king if we bow down.” – Rev. William Barber

Celebrate the fucking wins.

You don’t get to peddle hatred on saturday and offer condolences on sunday.

75% of people clapping liked the show!

Seems like a complicated subject, have you tried yelling at it?

Republicans: slavery is when you own me. freedom is when I own you.

Mobile Menu

  • Seattle Meet-up Post
  • 2025 Activism
  • Targeted Political Fundraising
  • Donate with Venmo, Zelle & PayPal
  • Site Feedback
  • War in Ukraine
  • Submit Photos to On the Road
  • Politics
  • On The Road
  • Open Threads
  • Topics
  • COVID-19
  • Authors
  • About Us
  • Contact Us
  • Lexicon
  • Our Store
  • Politics
  • Open Threads
  • 2025 Activism
  • Garden Chats
  • On The Road
  • Targeted Fundraising!
You are here: Home / Science & Technology / All Your Computers Are Belong To Us

All Your Computers Are Belong To Us

by John Cole|  December 29, 20059:50 am| 42 Comments

This post is in: Science & Technology, General Stupidity

FacebookTweetEmail

NSA site installed ‘illegal’ cookies:

The National Security Agency’s Internet site has been placing files on visitors’ computers that can track their Web surfing activity despite strict federal rules banning most files of that type.

The files, known as cookies, disappeared after a privacy activist complained and The Associated Press made inquiries this week. Agency officials acknowledged yesterday that they had made a mistake.

Nonetheless, the issue raised questions about privacy at the agency, which is on the defensive over reports of an eavesdropping program.

“Considering the surveillance power the N.S.A. has, cookies are not exactly a major concern,” said Ari Schwartz, associate director at the Center for Democracy and Technology, a privacy advocacy group in Washington. “But it does show a general lack of understanding about privacy rules when they are not even following the government’s very basic rules for Web privacy.”

Until Tuesday, the N.S.A. site created two cookie files that do not expire until 2035.

The question I want answered is “Why are they even installing cookies at all?” Again, I am not going to move to Montana and go off the grid because of this (add to it I have never been to the NSA site), but I do want to know why this was even done in the first place.

*** Update ***

Not sure why some of you think I thought this was a big deal, because I don’t. That is why I had quotes o’ sarcasm around ‘illegal.’ All I wanted to know was why NSA would even bother to install cookies, and this explanation from the comments seems to be the best description of what probably happened:

Their files are all .cfm, which strongly implies that their website was developed using Cold Fusion. Cold Fusion handles session state data by storing a session key in a user cookie. In all likelihood, they didn’t know or didn’t remember to turn off the creation of these session cookies.

Cookies are passed from the browser to the appropriate site when an HTTP request is made. There’s no way that a NSA cookie could give the NSA information it doesn’t already have, unless the NSA was embeddeding content in other websites. And that would be obvious, because hiding it would make it not work.

If anything, this story serves to discredit those who are bleating about it.

FacebookTweetEmail
Previous Post: « Fighting Dems?
Next Post: Taking Tom Tancredo To Task »

Reader Interactions

42Comments

  1. 1.

    Bob In Pacifica

    December 29, 2005 at 9:54 am

    Absolute control.

  2. 2.

    TBone

    December 29, 2005 at 10:02 am

    Are you serious? Are you saying that a publicly accessible, government web-site can’t have cookies? Every other site on the internet has cookies, but if NSA has cookies people see conspiracy. At least NSA doesn’t have an annoying pop-up script that you can’t get rid of, directing you to kiddy porn sites. And you don’t have to worry about the webmaster selling your information to a million spam-meisters who are going to send you ads about Viagra.

    This is a ridiculous subject. Why even waste the time? My suggestion to the paranoid is to highlight the cookie and press the delete button if you are worried about something.

  3. 3.

    Ancient Purple

    December 29, 2005 at 10:23 am

    Are you saying that a publicly accessible, government web-site can’t have cookies?

    A better question is why the NSA site needs to be placing cookies on people’s computers for any reason.

    I am open to suggestions.

  4. 4.

    Blue Neponset

    December 29, 2005 at 10:24 am

    In a 2003 memorandum, the Office of Management and Budget at the White House prohibited federal agencies from using persistent cookies – those that are not automatically deleted right away – unless there is a “compelling need.”

    Read the article TBone. It isn’t about the dangers of cookies it is about the fact that the NSA was breaking the rules.

  5. 5.

    Sojourner

    December 29, 2005 at 10:27 am

    Don’t you Repubs ever get tired of the bullshit that continues to roll out of this administration? Spy, spy, greed, greed, lie, lie.

    Enough already.

  6. 6.

    Tim Worstall

    December 29, 2005 at 10:38 am

    Well, at least the NSA cookies don’t live as long as those of Google.

  7. 7.

    Gary Sugar

    December 29, 2005 at 10:49 am

    Every other site on the internet has cookies, but if NSA has cookies people see conspiracy. (TBone)

    Sure, it’s amusing to read about this while seeing my name displayed in the Amazon ad on this page. :D

    Still, that has nothing to do with the point at hand, namely, that under Bush, the executive branch is so often promising one thing and doing the opposite.

  8. 8.

    Steve S

    December 29, 2005 at 10:57 am

    I guess i don’t understand how a cookie can allow the NSA to track everything you are doing.

    I’m technically literate… I just have never understood any of the complaints regarding cookies.

  9. 9.

    Gold Star for Robot Boy

    December 29, 2005 at 11:00 am

    I just have never understood any of the complaints regarding cookies.

    Me neither. In fact, I think they’re handy. After all, they tell me what city I’m in, then provide a link where I can find hot women here!
    But I’ve shared too much…

  10. 10.

    KCinDC

    December 29, 2005 at 11:08 am

    Is this a joke, John? You minimize some true outrages by the government but get exercised about this ridiculous cookie paranoia? I figured this nonstory was planted to make the NSA opponents look silly.

    There’s all sorts of web software that uses cookies by default, and I have no trouble believing the NSA when they say it was an accident — especially since I can’t imagine any nefarious purpose for the cookies anyway.

  11. 11.

    Zach

    December 29, 2005 at 11:17 am

    Y’all gotta check out Schneier today.

  12. 12.

    John Cole

    December 29, 2005 at 11:20 am

    What part of this post suggests I am outraged?

    Because I am not.

  13. 13.

    Sojourner

    December 29, 2005 at 11:31 am

    I guess i don’t understand how a cookie can allow the NSA to track everything you are doing.

    They can keep a record of all the web sites you visit. They can also store your passwords.

  14. 14.

    TBone

    December 29, 2005 at 11:33 am

    John,

    This matter is so petty, it hardly seems worth your effort to print. The real problem is the people on the Left who throw this rubbish out there for their dogs to bite on. Another BS story, filled with half-truths. Another example of fear mongering by the Left, and the attempt to smite the “Chimpy BusHitler” administration.

  15. 15.

    Sojourner

    December 29, 2005 at 11:47 am

    This matter is so petty, it hardly seems worth your effort to print. The real problem is the people on the Left who throw this rubbish out there for their dogs to bite on. Another BS story, filled with half-truths. Another example of fear mongering by the Left, and the attempt to smite the “Chimpy BusHitler” administration.

    Another insightful post from the technically illiterate.

  16. 16.

    Ancient Purple

    December 29, 2005 at 12:07 pm

    Another BS story, filled with half-truths.

    Well, TB, since you are so certain it is “BS” and “filled with half-truths,” please be so kind as to provide links, citations and the like showing the NYT story is wrong.

  17. 17.

    srv

    December 29, 2005 at 12:12 pm

    I am not going to move to Montana and go off the grid because of this (add to it I have never been to the NSA site)

    Think the only websites the NSA “owns” have .gov at the end of them? If telecom companies were opening their switching networks to them, who’s to say webhosting companies aren’t just as patriotic?

    If you wanted to datamine, the first place you’d start is google.

  18. 18.

    KCinDC

    December 29, 2005 at 12:13 pm

    Sojourner, speaking of technical literacy, could you explain how a cookie obtained from visiting the NSA website would allow them to “keep a record of all the web sites you visit” or “store your passwords” (other than perhaps a password that you give to the NSA website in the first place)? Do you know what cookies are and do? How many people visit the NSA website anyway? If there were NSA web bugs on other websites, then that would be something to worry about.

    John, the fact that you bothered to post about it at all, and used italics, indicates an inappropriately high level of outrage, as far as I’m concerned.

  19. 19.

    crg

    December 29, 2005 at 12:23 pm

    Their files are all .cfm, which strongly implies that their website was developed using Cold Fusion. Cold Fusion handles session state data by storing a session key in a user cookie. In all likelihood, they didn’t know or didn’t remember to turn off the creation of these session cookies.

    Cookies are passed from the browser to the appropriate site when an HTTP request is made. There’s no way that a NSA cookie could give the NSA information it doesn’t already have, unless the NSA was embeddeding content in other websites. And that would be obvious, because hiding it would make it not work.

  20. 20.

    Lis Riba

    December 29, 2005 at 12:42 pm

    In a 2003 memorandum, the Office of Management and Budget at the White House prohibited federal agencies from using persistent cookies – those that are not automatically deleted right away – unless there is a “compelling need.”

    I guess the White House changed its mind, because according to Bruce Sterling:

    The Whitehouse.gov Web site is bugged! Apparently the Webmaster for the site has hired Webtrends to track visitors around the site using Web bugs and permanent cookies. Here’s the Web bug that I found on the home page of the Whitehouse.gov Web site (…) Similar Web bugs can be found on other Web pages at the Whitehouse Web site.

  21. 21.

    Sojourner

    December 29, 2005 at 12:47 pm

    Sojourner, speaking of technical literacy, could you explain how a cookie obtained from visiting the NSA website would allow them to “keep a record of all the web sites you visit” or “store your passwords” (other than perhaps a password that you give to the NSA website in the first place)?

    Check out the link I posted earlier. It answers your questions.

  22. 22.

    Sojourner

    December 29, 2005 at 12:48 pm

    Crap. My link didn’t post the last time.

    http://www.worldprivacyforum.org/cookieoptout.html

    Here it is.

  23. 23.

    Sojourner

    December 29, 2005 at 12:50 pm

    If there were NSA web bugs on other websites, then that would be something to worry about.

    Doesn’t it bother you that it’s against the law for them to do this?

  24. 24.

    demimondian

    December 29, 2005 at 12:52 pm

    If you wanted to datamine, the first place you’d start is google.

    I’m going to stand up for a competitor here. There’s lots of things to complain about at Google, but that does not seem to include willing to be overly compliant with the demands of the US Government. Now, the demands of the PRC, that’s a different matter, but Google appears to have been unwilling to bend to illegal requests from the US.

    (Don’t think that MSN or Yahoo behave differently about such things. I have no faith in anybody’s ability to resist “being evil” in this business.)

  25. 25.

    demimondian

    December 29, 2005 at 12:56 pm

    Hmm. Cold Fusion adds session cookies, by default, but it was my understanding that it did not add persistent cookies.

    FWIW, if you’re running XP SP2 or Firefox, the browsers won’t accept persistent cookies. The privacy implications are too serious. Also, in both cases, you can block session cookies on sites you don’t trust. (Which, ironically, include Ballon Juice — John, did you know that you have involuntary pop-ups on your site?)

  26. 26.

    OCSteve

    December 29, 2005 at 1:01 pm

    The NYT web site installs a permanent cookie that expires in 2021. Where is the outrage?!

    Crg’s technical explanation is spot on. And yes it was most likely an accident related to a software update. If having problems after a software update is illegal then I deserve 10-20.

    This really is nothing.

  27. 27.

    tbrosz

    December 29, 2005 at 1:14 pm

    Doesn’t it bother you that it’s against the law for them to do this?

    I’m not sure that the OMB sending a memo is the equivalent of prohibitive Congressional legislation. In any case, it looks from the article like this was a simple oversight. There’s blood in the water, and the media are snapping at everything that moves.

    Try putting some cookie tracking into your system, and just see what’s going on as you surf the web. Or go to the file where your system stores cookies and see what’s in there, and from where.

  28. 28.

    OCSteve

    December 29, 2005 at 1:20 pm

    This really is nothing

    I take that back. There is something here. The fact that the AP and the NYT thought this was newsworthy. The entire purpose of the article is this:

    Nonetheless, the issue raised questions about privacy at the agency, which is on the defensive over reports of an eavesdropping program.

    It was an opportunity to get that out there one more time.

    And someone explain to me how violation of a memorandum from the Office of Management and Budget rises to the category of illegal.

  29. 29.

    Richard Bottoms

    December 29, 2005 at 1:28 pm

    The NYT web site installs a permanent cookie that expires in 2021. Where is the outrage?!

    Does the NYT have a fleet of planes that can fly me to Azarbarjan for “interrogation”? I know the people who control the NSA do.

  30. 30.

    capelza

    December 29, 2005 at 1:30 pm

    It is a pain in the kiester, but I have my Mac set to tell me whenever a cookie wants on…and usually I decline.

    It is kinda dumb that the NSA and the CIA (if I read that right) both didn’t bother to set the correct kind of cookies, the kind that expire after the session. I don’t think, anyway, that it was deliberate, but come on, if these guys are the suppossed to be the best and the brightest, wouldn’t that have occurred to them beofre they launched the page?

  31. 31.

    KCinDC

    December 29, 2005 at 1:38 pm

    Sojourner, the article you link to is talking about cookies from “web bugs” in other sites — for example, from advertising.com cookies coming through images on other sites. It’s not relevant to this story unless the NSA is getting other websites to add web bugs to their pages pointing at the NSA servers, which would be obvious and stupid, and which no one has claimed is happening.

  32. 32.

    Sojourner

    December 29, 2005 at 1:42 pm

    The NYT web site installs a permanent cookie that expires in 2021. Where is the outrage?!

    It’s not against the law and they’re not the government.

  33. 33.

    Perry Como

    December 29, 2005 at 2:08 pm

    The NY Times needs an editor with a clue. That headline is a joke, cookies are not illegal. In other cookie news, Whitehouse.gov now has cookies too. TIA, bitches.

  34. 34.

    OCSteve

    December 29, 2005 at 2:10 pm

    It’s not against the law and they’re not the government.

    As I said – explain to me how violation of a memorandum from the Office of Management and Budget rises to the category of illegal.

    If your boss sends you a memo saying surfing the web during work is prohibited, then you are nabbed hanging out here at John’s place – have you done something illegal? Of course not. They violated a policy, not a law.

    if these guys are the suppossed to be the best and the brightest, wouldn’t that have occurred to them beofre they launched the page?

    Hardly. They are using a lame design tool (Fireworks MX Dreamweaver). Government sites in general are among the worst I’ve seen. I’ve always wondered why government puts so little money/effort into their sites.

  35. 35.

    Pooh

    December 29, 2005 at 2:30 pm

    I’m gonna have to defer to my usual position of never assuming malice when mere incompetence would suffice on this one. (hereinafter “NAMMIS”)

  36. 36.

    John Cole

    December 29, 2005 at 2:35 pm

    Deminomndian=- I have popups here- from what?

  37. 37.

    fwiffo

    December 29, 2005 at 3:22 pm

    John – you don’t have popups, Deminomndian has spyware/adware on his computer.

    In any event, noone’s privacy seems to have been violated by this cookie thing, even if they were there intentionally. You’d have to visit the NSA’s site to get a cookie set, and they’d only be able to track you within their web site.

    The only time cookies represent a privacy risk is when they are sent by advertisers (who can track you on any site where their advertisements appear), or if some lazy programmer stores sensitive information in a cookie, like passwords (because cookies are normally not stored in any sort of secure format, and are transmitted to and from the server in the clear unless the connection is https).

  38. 38.

    Pooh

    December 29, 2005 at 3:52 pm

    Ah well, much ado about nothing. At least I got my Zero Wing fix for the day…

    (All your base…base…base…)

  39. 39.

    neil

    December 29, 2005 at 4:01 pm

    I honestly can’t believe people are making a big deal out of this. It almost makes me think it’s a red herring put out to dilute the NSA presence in the news cycle. The NSA violating an executive order in the technical manner in which they… track people’s visits to the NSA web site? And on the other hand, we have the NSA violating a congressional law about the privacy of citizens…

    If nothing else, it provides a valuable news peg upon which to hang the idea that our intelligence-gathering systems are burdened by frivolous regulatory constraints.

  40. 40.

    demimondian

    December 29, 2005 at 4:12 pm

    John – you don’t have popups, Deminomndian has spyware/adware on his computer.

    Sorry, no. I checked; it is the first and most likely cause. (FWIW, I am one of the few hundred people in the world who can debug a Windows box back into the source…and have (legal) access to the source. So I think I’m pretty sure what’s on my machine.)

  41. 41.

    demimondian

    December 29, 2005 at 4:14 pm

    John — I’ll follow up and send you mail. It means turning script back on for your site, so it may take a couple of days to get a repro.

  42. 42.

    TBone

    January 2, 2006 at 10:40 am

    Ancient Purple,

    Well, TB, since you are so certain it is “BS” and “filled with half-truths,” please be so kind as to provide links, citations and the like showing the NYT story is wrong.

    Please check out this link (http://powerlineblog.com/archives/012631.php), read it, and then present to me a reasonable and substantiated rebuttal if you doubt that the hubbub surrounding NSA’s activities is not complete BS.

    The problem with alot of the citizenry is our tendency to buy into the soundbites without taking the time to do the research to see if they are correct or not. Please allow your reason and intelligence drive your mouth, not your emotion. Your ideological masters are counting on your lack of initiative and laziness…is their plan working?

    The whole NSA “domestic “spying” story is another attempt by the Lefty spin-machine to discredit the President…nothing more. The law is clearly not being violated (read the link) and the purpose is pure – stop another terrorist incident before it happens. We are fighting a war against a cyber-savvy enemy who uses communications to plan attacks (remember the WTC!!); it only stands to reason that we must try to identify the terrorists, and stop them well prior to another devastating attack.

    Are cookies on a website something to be worried about? I say “no”, unless you happen to be trying to hack into their networks. Did you know the Chinese make thousands of such attempts every single day? How would you handle that if you were the security administrator on the NSA network? If you freely stop at NSA’s site, then you freely acknowledge the fact that you are seen by the network security administrator as a potential adversary. If you think you are secure on the internet, no matter where you surf, then you are naive. Having said that, I think the NSA has alot more to worry about than whether you stop at a porno site after hitting their page. And tell me, who looks at the NSA site anyway? I know I don’t.

Comments are closed.

Primary Sidebar

On The Road - beckya57 - Copper Canyon, Mexico, April 2025 6
Image by beckya57 (6/19/25)

Recent Comments

  • RevRick on Simon Rosenberg Sees Emerging Opportunity, and I Make Some Lists (Jun 19, 2025 @ 2:19pm)
  • Spanky on Simon Rosenberg Sees Emerging Opportunity, and I Make Some Lists (Jun 19, 2025 @ 2:18pm)
  • Geminid on Simon Rosenberg Sees Emerging Opportunity, and I Make Some Lists (Jun 19, 2025 @ 2:18pm)
  • Belafon on AM in NC – NO KINGS – Durham, NC (with the Durham images this time!) (Jun 19, 2025 @ 2:16pm)
  • Ruckus on Simon Rosenberg Sees Emerging Opportunity, and I Make Some Lists (Jun 19, 2025 @ 2:09pm)

Personality Crisis Podcast (Cole, DougJ, mistermix)

Balloon Juice Posts

View by Topic
View by Author
View by Month & Year
View by Past Author

Featuring

Medium Cool
Artists in Our Midst
Authors in Our Midst
No Kings Protests June 14 2025

🎈Keep Balloon Juice Ad Free

Become a Balloon Juice Patreon
Donate with Venmo, Zelle or PayPal

Calling All Jackals

Site Feedback
Nominate a Rotating Tag
Submit Photos to On the Road
Balloon Juice Anniversary (All Links)
Balloon Juice Anniversary (All Posts)
Fix Nyms with Apostrophes

Social Media

Balloon Juice
WaterGirl
TaMara
John Cole
DougJ (aka NYT Pitchbot)
Betty Cracker
Tom Levenson
David Anderson
Major Major Major Major
DougJ NYT Pitchbot
mistermix

Keeping Track

Legal Challenges (Lawfare)
Republicans Fleeing Town Halls (TPM)
21 Letters (to Borrow or Steal)
Search Donations from a Brand

Site Footer

Come for the politics, stay for the snark.

  • Facebook
  • RSS
  • Twitter
  • YouTube
  • Comment Policy
  • Our Authors
  • Blogroll
  • Our Artists
  • Privacy Policy

Copyright © 2025 Dev Balloon Juice · All Rights Reserved · Powered by BizBudding Inc

Share this ArticleLike this article? Email it to a friend!

Email sent!