MalwareTeks Blog

While catching up on my blog reading, I came across this particular article at Hosts News, Affiliates gone wild! Now, what caught my attention was the piece about the Mediaplex AdServer Cookie.

What exactly is a cookie? HTTP cookies, sometimes known as web cookies, tracking cookies, or just cookies, are small text files sent by a server to a web browser and back unchanged. Cookies are used for authenticating, tracking, and maintaining specific information about users, such as site preferences and shopping cart contents.

There are some privacy concerns around the use of cookies. They can be used for tracking browsing behavior. As a result, they have been subject to legislation in various countries such as the United States and in the European Union. Cookies have also been criticised because the identification of users they provide is not always accurate and they could potentially be used for network attacks.

Cookies are also subject to a number of misconceptions, mostly based on the erroneous notion that they are computer programs. In fact, cookies are simple pieces of data unable to perform any operation by themselves. They are neither spyware nor viruses, despite the detection of certain cookies by many anti-spyware products.

Most modern browsers allow users to accept or reject cookies, but rejecting cookies will make some websites unusable. Common misconceptions about cookies are:

• Myth: Cookies are like worms and viruses in that they can erase data from the user’s hard disks;
• Myth: Cookies are a form of spyware in that they can read personal information stored on the user’s computer;
• Myth: Cookies generate popups;
• Myth: Cookies are used for spamming;
• Myth: Cookies are only used for advertising.

Cookies are simple pieces of data unable to perform any operation by themselves. They are neither spyware nor viruses. Cookies are not program code. They cannot erase or read information from the user’s computer. However, cookies allow for detecting the Web pages viewed by a user on a given site or set of sites. This information can be collected in a profile of the user. Such profiles are often anonymous, they do not contain personal information.

In his paper, Cookies Detected by Anti-Spyware Programs: The Current Status, Benjamin Edelman states, “Advertising systems use cookies for a mix of purposes, but primarily to track which users have seen which ads. Such tracking helps show ads more effectively — e.g. by avoiding showing the same ad repeatedly to a single user. ”

“… cookies arrive on a users’ disks merely because users visit web sites that place such cookies. The cookies’ arrival actually reflects browsers and sites working as they were designed …”

What or Who is Mediaplex? “Mediaplex provides technology and services that help advertisers, agencies and publishers manage their interactive and traditional advertising activities. Mediaplex’s complete suite of technology solutions includes MOJO Adserver for third party advertising, MOJO Mail for email management and delivery, MOJO Publisher for ad management, the AdVault suite of products for agency production and financial management and media management and Content Depot for digital advertising management solutions.”

From the site of a security vendor, to remain nameless, “Mediaplex is a tracking cookie that tracks your Internet surfing habits such as Web sites visited, and sends the information to a third-party server where it can be analyzed for marketing purposes. When installed, Mediaplex cookie can potentially record any data including sensitive information from your computer.”

The above statement in and of itself is not untruthful, to an extent. However, it can be misleading to the uninformed web surfer. Recall what I stated earlier about cookies. Cookies are simple pieces of data unable to perform any operation by themselves. They are neither spyware nor viruses. Cookies are not program code. They cannot erase or read information from the user’s computer. However, cookies allow for detecting the Web pages viewed by a user on a given site or set of sites. This information can be collected in a profile of the user. Such profiles are often anonymous, they do not contain personal information.

Hold onto to your socks, because here comes the completely exaggerated part.

To quote webhelp2002 from the Affiliates gone wild! article, “Now that must be one hell of a Cookie to do all that! … of course this is a extremely exaggerated claim. There is no evidence that a Mediaplex cookie is involved in any of this type activity.”

That’s a fairly decent summation of my sentiments.

To carry the exaggeration a bit futher, the same website goes on to state:

“WARNING: Mediaplex manual detection and removal process is difficult. You’re required to access sensitive files in your machine. NOT recommended unless you’re an expert in this field.”

Normally that would be a fair assessment when dealing with a Virus or Trojan. However, it’s a cookie, just delete it. Now bear in mind that any time you visit a website that uses Mediaplex to serve ads, the mediaplex cookie will be downloaded by your browser.

To delete cookies:

Internet Explorer Users
1. On the Tools menu, click Internet Options.
2. On the General tab, click Settings, and then click View files.
3. Select the cookie you want to delete, and then, on the File menu, click Delete.

To delete all of the cookies on your computer, click Delete Cookies on the General tab.

Firefox Users
On the Tools menu, Options, clicking the Privacy button, and under Cookies click the Clear button.

Opera Users
Can manage, disable, and enable cookies by clicking the File menu, Preferences, and selecting Privacy.

Note
Some Web sites store your member name and password or other personally identifiable information about you in a cookie; therefore, if you delete a cookie, you may need to re-enter this information the next time you visit the site.