An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Page 3 of 3 < 1 2 3
Topic Options
#43305 - 01/02/17 08:40 AM Re: Rogue Cookie [Re: artie505]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: artie505
When you tried to delete it via Safari prefs was the item with which you were left identified as "Cookie" or "Local Storage"?

It was listed under the Cookies heading, not the Databases.
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#43306 - 01/02/17 09:15 AM Re: Rogue Cookie [Re: ryck]
artie505 Online


Registered: 08/04/09
Originally Posted By: ryck
Originally Posted By: artie505
When you tried to delete it via Safari prefs was the item with which you were left identified as "Cookie" or "Local Storage"?

It was listed under the Cookies heading, not the Databases.

So you're saying that those cookies that you couldn't delete in Safari were actually listed as cookies in your Cookie.app pane?

Very frequently, cookies that I delete from Prefs > Privacy > Manage Website Data... reappear in the same pane...identified as "Local Storage", NOT "Cookie", but I don't recall ever running into that situation.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#43309 - 01/02/17 10:22 AM Re: Rogue Cookie [Re: artie505]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: artie505
So you're saying that those cookies that you couldn't delete in Safari were actually listed as cookies in your Cookie.app pane?

Yes. And, as I've been reading your post, another Prosoft cookie appeared except that it's like the one described in post # 43293. This time the name is _cfduid and the numbers under Content are different. It was deleted with Safari>Preferences>Privacy.


Edited by ryck (01/02/17 10:24 AM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#43311 - 01/02/17 01:56 PM Re: Rogue Cookie [Re: ryck]
artie505 Online


Registered: 08/04/09
Well, I'm thoroughly confused, but I'm not about to buy Drive Genius to clear the fog away; maybe joemike can figure out from where your cookies are coming.

I dunno, I've seen many cookies that disappear when deleted via Safari > Preferences > Privacy only to reappear a short time afterwards, but I've never run across one that couldn't be deleted...period.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#43312 - 01/02/17 02:00 PM Re: Rogue Cookie [Re: joemikeb]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Cookie Stumbler mislead me 🤷‍♂️

Since my results were out of line with what others were reporting, I installed Cookie to double check my results. The results are significantly different between the two.
  • Cookie Stumbler was not finding any Prosoft cookies and Cookie found several
  • When I looked at the cookies by browser some of the Prosoft entries were reported as containing tracking cookies and others were not.
  • __cfduid was reported as the tracking cookie and was found in Safari Technology Preview, but not in Safari.
  • a subsequent visit to prosofteng.com in Safari netted three tracking cookies, the previously mentioned _cfduid plus Google Analytics' _ga and _gat
  • __cfduid turned up in many entries other than Prosoft

As to __cfduid itself and whether or not it is truly a tracking cookie, according to Cookiepedia
Originally Posted By: Cookeipedia
Cookie assoiated with sites using CloudFlare, used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information.

The main purpose of this cookie is: Strictly Necessary {emphasis added}

Key numbers for __cfduid:
Cookies with this name have been found on 13,740 websites, set by 9,304 host domains.

It has been found as a First Party cookie on 5,300 websites and a Third Party cookie on 17,374 websites.

It has been found as a Persistent cookie on 22,658 websites, with an average life span of 2,352 days. {emphasis added}

It has been found as a Session cookie on 16 websites.

In light of the Cookiepedia entry (and I have no reason to question it) together with the fact it appears Cookie declares any cookie beginning with "__c" or "_c" a tracking cookie, more like a blunderbuss than a shotgun approach, calling __cfduid a tracking cookie seems questionable.

I wish Cookie Stumbler were as good at ferreting out cookies as Cookie or Cookie were as discrete in identifying and reporting cookies as Cookie!


Edited by joemikeb (01/02/17 02:03 PM)
_________________________
joemikeb • moderator

Top
#43318 - 01/04/17 12:09 AM Re: Rogue Cookie [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
In light of the Cookiepedia entry (and I have no reason to question it) together with the fact it appears Cookie declares any cookie beginning with "__c" or "_c" a tracking cookie, more like a blunderbuss than a shotgun approach, calling __cfduid a tracking cookie seems questionable.

I wish Cookie Stumbler were as good at ferreting out cookies as Cookie or Cookie were as discrete in identifying and reporting cookies as Cookie Stumbler(?)! (Emphasis added)

Stereotyping isn't politically correct, but it's probably why Cookie treats all "_c" and "__c" cookies as tracking cookies when such isn't necessarily the case.

I couldn't find out how many different cookies there are out there, but I suspect that there are so many that it's probably impossible to keep track of all of them, much less catalog each one correctly, so if "_c" and "__c" cookies are generally tracking cookies, some non-trackers are going to get swept up in the dragnet.

It seems like there ought to be a convention governing such things.

Thanks for the link to Cookiepedia; I note that it can't identify either ryck's "_fluid" or "girlscout".
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#43319 - 01/04/17 04:53 AM Re: Rogue Cookie [Re: artie505]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
this is informative:

http://www.strategyand.pwc.com/global/home/cookie-information

Quote:
The "__cfduid" cookie is set by the CloudFlare service to identify trusted web traffic. It does not correspond to any user id in the web application, nor does the cookie store any personally identifiable information.
https://support.cloudflare.com/hc/en-us/...duid-cookie-do-

It doesn't appear to be a multipurpose or "common name to use" cookie, it just has one purpose, and is used heavily for that purpose. (and with a five year persistence)

the "cf" is CouldFlare, not sure on the "d", and "uid" in this case is Unique IDentifier, not "User ID". (I see "UID" used equally in both contexts around computers)
_________________________
I work for the Department of Redundancy Department

Top
#43320 - 01/04/17 06:52 AM Re: Rogue Cookie [Re: Virtual1]
artie505 Online


Registered: 08/04/09
Originally Posted By: Virtual1
this is informative:

http://www.strategyand.pwc.com/global/home/cookie-information

Quote:
The "__cfduid" cookie is set by the CloudFlare service to identify trusted web traffic. It does not correspond to any user id in the web application, nor does the cookie store any personally identifiable information.
https://support.cloudflare.com/hc/en-us/...duid-cookie-do-

It doesn't appear to be a multipurpose or "common name to use" cookie, it just has one purpose, and is used heavily for that purpose. (and with a five year persistence)

the "cf" is CouldFlare, not sure on the "d", and "uid" in this case is Unique IDentifier, not "User ID". (I see "UID" used equally in both contexts around computers)

It's not as informative as what joemike posted in post #43312, and ryck and I at the least are seeing only 1 year persistence.

Still wondering what ryck's __cfluid might be.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#43321 - 01/04/17 08:12 AM Re: Rogue Cookie [Re: artie505]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Obviously Cookiepedia is a "work in process" brought about by the EU's recent regulatory changes regarding cookies and how the data collected by cookies can be used. At this point Cookiepedia is dependent on the cookie developers to define how data collected by cookies will be used and reported to the public at large. Be that as it may, both the EU regulation and Cookiepedia are a step in the right direction.

This thread prompted me to learn more about cookies in general and "tracking cookies" in particular. That in turn resulted in some serious rethinking of my assumptions. Even a cursory look into the subject reveals that not all "tracking cookies" are bad and in fact many are beneficial to the user. The __cfduid being a case in point. Another example is FineTunedMac, which uses ubbt_hash which is a special code that validates and logs you into the site and ubbt_myid that identifies your user name. Technically both are tracking cookies and are so identified by both Cookie and Cookie Stumbler. (You can disable these cookies by UNchecking the Remember Me box when you log in). Personally I find them a great convenience and have no intention of disabling them.

IMHO Cookie management apps need to become a lot smarter. My ideal would include a system for categorizing cookies including such things as...
  • what information they send
  • what is done with the information — which may be site specific
  • is the information encrypted in transit or plain text
  • etc.
Then the informed user would have the information necessary to make intelligent decisions and the uninformed user could simply select what level of risk they find acceptable.

The trick in all of this is obtaining and maintaining the database used by the app and would imply a database subscription. Cookie Stumbler already uses a database approach and there is an annual subscription to keep it current but what is lacking is the categorization and fine tuning of the level of trust. Perhaps the EU's efforts to regulate cookies and their use of data will make it far easier to obtain the data from the publishers of tracking cookies and make it possible for my idealized app to be developed. Windows users have paid for antivirus signature database subscription for years. It seems to me tracking cookies might present an equally serious threat to privacy and security.

PERSONAL CHOICE
The identification of tracking cookies used in Cookie is such a blunt instrument that I have chosen to disable it in favor of Cookie Stumbler's approach. Then end results may not be noticeably different, but it appears more precise to me.
_________________________
joemikeb • moderator

Top
#43322 - 01/04/17 03:05 PM Re: Rogue Cookie [Re: artie505]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: artie505
Thanks for the link to Cookiepedia; I note that it can't identify either ryck's "_fluid" or "girlscout".

Originally Posted By: Virtual1
the "cf" is CouldFlare, not sure on the "d", and "uid" in this case is Unique IDentifier, not "User ID".

Originally Posted By: artie505
Still wondering what ryck's __cfluid might be.

Hmmmm....could be a mea culpa here. I'm now wondering, given all the excellent cookie information that's been presented in this thread, if just misread what I saw in the beginning. Perhaps I actually saw _cfduid but misread it as _cfluid as in: Old eyes + Tiny print = Reading Error.


Edited by ryck (01/04/17 03:08 PM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#43332 - 01/07/17 03:39 PM Re: Rogue Cookie [Re: ryck]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: ryck
Hmmmm....could be a mea culpa here. …. as in: Old eyes + Tiny print = Reading Error.

Yup. I've now checked the Name of the Prosoft cookie at various times it's appeared (immediately after booting, when Safari is loaded, when visting the Prosoft site) and each time it's been _cfduid. blush


Edited by ryck (01/07/17 03:39 PM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#43339 - 01/08/17 02:27 AM Re: Rogue Cookie [Re: ryck]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
While cruising through my cookies I came across a couple I didn't recognize. Usually I merely delete them without examining what their content is. In these cases (inspectlet.com and onesignal.com — the provenance of which I haven't bothered to check, so I have no idea what websites I've visited might have set them) each had a single entry, namely _cfduid .

When I Googled that alone, the following comments showed up:

• The __cfduid cookie is used to override any security restrictions based on the IP address the visitor is coming from.

• The "__cfduid" cookie is set by the CloudFlare service to identify trusted web traffic. It does not correspond to any user id in the web ...


I'm not sure that such info clarifies the other comments and concerns in this thread, but from my perspective (and from the fact that such cookies are not 'persistent' for me on Firefox) they would appear to be simply trackers without other 'motivations'.

Top
#43501 - 01/26/17 11:48 PM Re: Rogue Cookie [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Obviously Cookiepedia is a "work in process" brought about by the EU's recent regulatory changes regarding cookies and how the data collected by cookies can be used. At this point Cookiepedia is dependent on the cookie developers to define how data collected by cookies will be used and reported to the public at large. Be that as it may, both the EU regulation and Cookiepedia are a step in the right direction.

IMHO Cookie management apps need to become a lot smarter. My ideal would include a system for categorizing cookies including such things as...
  • what information they send
  • what is done with the information — which may be site specific
  • is the information encrypted in transit or plain text
  • etc.
Then the informed user would have the information necessary to make intelligent decisions and the uninformed user could simply select what level of risk they find acceptable.

The trick in all of this is obtaining and maintaining the database used by the app and would imply a database subscription. Cookie Stumbler already uses a database approach and there is an annual subscription to keep it current but what is lacking is the categorization and fine tuning of the level of trust. Perhaps the EU's efforts to regulate cookies and their use of data will make it far easier to obtain the data from the publishers of tracking cookies and make it possible for my idealized app to be developed. Windows users have paid for antivirus signature database subscription for years. It seems to me tracking cookies might present an equally serious threat to privacy and security.

PERSONAL CHOICE
The identification of tracking cookies used in Cookie is such a blunt instrument that I have chosen to disable it in favor of Cookie Stumbler's approach. Then end results may not be noticeably different, but it appears more precise to me.

It sounds like you've never run across Cookiepedia's parent website, which tells that they've built a database of more than 11 million cookies, and invites participation, as well as anticipates app development.

In addition, it links to this chart, which tells an interesting tale.

My personal choice is to stick with Cookie, because, as can be seen in the linked chart, attempting to categorize cookies is nigh on to futile because of the 31% unknown factor (You've never mentioned how Cookie Stumbler treats __cfduid.), and because even if Cookie deletes the useful/beneficial 9% every minute as I've got it set to do, I've never noticed any ill effects other than losing my shopping cart on one or two websites.

Originally Posted By: joemikeb
Even a cursory look into the subject reveals that not all "tracking cookies" are bad and in fact many are beneficial to the user. The __cfduid being a case in point. Another example is FineTunedMac, which uses ubbt_hash which is a special code that validates and logs you into the site and ubbt_myid that identifies your user name. Technically both are tracking cookies and are so identified by both Cookie and Cookie Stumbler.

Are you sure of that?

I've been with Cookie pretty much since day one, and I'm virtually certain that it has NEVER identified a single cookie placed by FTM as a tracking cookie.

And if Cookie Stumbler is identifying those cookies as trackers it leaves their database suspect.

I also note that Prosoft's version of __cfduid (if, in fact, there are different versions) recreates itself within a minute after my Cookie timer deletes it, and I wonder how many other cookies do the same?

(Writer's block overcome! grin )
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#43507 - 01/27/17 06:30 AM Re: Rogue Cookie [Re: artie505]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
"tracking cookies" is a term more often applied to cookies that are intended to be accessed by more than one site. A "remember my login on the next visit" really isn't a "tracking" type of cookie, it's just persistent data for that site only.

Advertisers use "tracking cookies" so when they display an ad on one web site and you click on it, they remember that you are interested in that and next time you visit some other site that uses that same advertiser, they can reload your cookie and see your interests and display more "targeted advertisement" based on your known preferences.

Simply visiting a site can count as a "preference". Do a web search for gold watches, and click on the top hits (which are tracked) and that gets you remembered. Or simply visiting a site or a landing page for gold watches, same thing, advertisers remember seeing you on that page even if you don't click anything. Then next time you visit eBay or some other site with the same advertiser on it, they think "well he was looking at gold watches earlier, lets advertise some here too" and so they do.

This is why you will sometimes notice a strange jump in advertisements for a specific kind or class of products from time to time, across a wide variety of web sites you visit - the tracking cookies have been used to decide you have a recent interest in that and are delivering targeted ads to you as a result. "Jeez my cousin was visiting last week and was on my computer looking for watches, and now all these sites I visit regularly won't stop displaying ads for watches!!" And this is why a lot of people don't like tracking cookies.
_________________________
I work for the Department of Redundancy Department

Top
#44747 - 05/30/17 03:23 PM Re: Rogue Cookie [Re: Virtual1]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
So, things have been going along quite well, using Cookie software, until recently when another persistent cookie has popped up. It started as from "ferrarimaserati" and subsequently became "ferrarimaseratiofvanc". It appears as soon as I open Safari.

With Cookie software, I just hit delete when it appears, and then once more about 15 seconds later when it reappears. Then it's done until the next time I open Safari. However, it is a pain in the patoot but I have decided on a good way to get my revenge. I've decided not to buy either a Ferrari or a Maserati. That'll show 'em! wink laugh
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
Page 3 of 3 < 1 2 3

Moderator:  alternaut, dianne, MacManiac