An excellent post from Jason Dunn at Digital Media Thoughts today:
I’ve had two emails in the past week from Pocket PC Thoughts asking why we’re distributing “spyware” onto their computers. We’re not – it’s that simple. What people are seeing is over-protective anti-spyware software treating normal cookies like spyware….
In this case, Avenue A (one of the third-party advertisers that serves up banners when we don’t have our own paying ad) is doing nothing more than dropping a cookie on your machine. The cookie is like every other advertising cookie from DoubleClick and other large advertising agencies: it tracks what ads you’ve seen so it doesn’t show you the same ad more than “X” times.
It’s grossly irresponsible for these anti-spyware companies to treat cookies like spyware. REAL spyware is malicious, machine-hijacking junk that throw pop-ups on your computer, resets your start page, and all sorts of other ugly tricks. A cookie is a text file that has some non-personal information what banner ads have shown on certain sites. That’s it.
Go ahead and open the cookie on your computer and you’ll see it’s harmless. Cookies are not spyware, no matter how hard these anti-spyware companies try to make them out to be. You have to realize that these guys are trying to sell their software too, and if they start blocking cookies as well, they give the perception that they’re “protecting” you even more often. They have an agenda too – think about it.
Yes, indeed. Makers of security software have a vested interest in making sure you are afraid, very afraid. They want you to believe that the online world is dangerous and that without their software you are in danger of being mugged (virtually, anyway) every time you open your browser.
This idea is, to put it bluntly, just so much crap. I spend a frightful amount of time online. I look at all sorts of sites, some of them quite disreputable, when I’m researching security-related topics. And yet I’ve never had one of these evildoers plant a piece of so-called spyware on my computer. Why? Because:
- I am conscientious about installing security patches. Any exploit that relies on OS and browser vulnerabilities is unlikely to affect you if you do likewise.
- I do not install untrusted software, including ActiveX controls and browser add-ins, and I do a lot of due diligence before I decide to install a program even when it comes from a trusted source.
- I am alert to the danger signs of possible problems with rogue software – sudden, unexplained deterioration in performance, mysterious pop-ups, crashes – and I work on solving those problems the instant they appear.
I wish that the makers of anti-spyware programs would stop obsessing about cookies. All they’re doing is distracting us from the real threats.