Landships II

Rectalgia · Legend

blueprintbox cookies

TinCanTadpole · Legend

Has anyone else who visited blueprintbox.com (thread in the references section) had trouble with their cookies? I normally have my cookie policy set to 'reject all', but have to alter this to access certain things, such as signing in to this forum; afterwards I tend to clear out all cookies, but even though I haven't been to the blueprintbox website for about a week, when I visit some part of this forum (when I'm signed in), the little b*****s keep reappearing, with a fresh expiry date.

I'm not aware of anything malicious as a result of this, and the cookie names are innocent enough - userid and lastvisit - but I'm slightly bothered that something that is supposed to have been deleted has not.

Has anyone else got this problem, or is it just me?

TinCanTadpole · Legend

Thanks for replying Rectalgia.
I'm using a Mac with Safari as my browser; the cookies I'm seeing on the normal cookie list which can be viewed by going: Safari>preferences>security>show cookies
The options I have for accepting cookies are: Always; Never; Only from Sites I Visit (Block cookies from third party sites and advertisers)
With these options available I use "Never", but that prevents me from signing in to this forum or to my email, so I quickly change the setting to "Only from sites I visit" before signing in, then reset to "Never" afterwards, usually deleting the cookies so that I don't end up with a long list in which (potentially) something nasty could hide. Presumably the setting must have still been on "only from sites I visit" at the time I used blueprintbox.
I've tried emptying the cache and deleting the bookmarks for blueprintbox (nothing very special there anyway) in case this was how the info was remaining, but it seems not.
I could always try resetting Safari, which is supposed to return it to factory default; it's easy and quick to do, but I have a huge list of bookmarks which I'd have to export first.
As I said in the original post, I'm not aware of anything wrong because of these cookies, it's more a nuisance that they are not properly being deleted; at present I'm thinking of allowing them to stay there until they expire (assuming they do!) next year - provided that they don't somehow manage to keep refreshing their expiry date.

TinCanTadpole · Legend

I just noticed you wrote "I've not registered there so probably am of no use unless I do so"; I haven't registered with them either!

TinCanTadpole · Legend

It is rather strange; I've just checked the two cookies I've left in place, and they still show expiry time as they did yesterday: 1.43pm on 26 Feb 2013.
As long as that stays the same, it may be best to see if they do indeed vanish for good at that time.
Only another 364 days to go (this being a leap year)...

Thanks again for looking into this; obviously there are differences between Windows and Mac systems, and these may play a part. As far as I remember there was no cookie from statcounter.com when I visited the site, and it's just the two I've mentioned from blueprintbox itself which recur.

I think I'll just keep an eye on it for now, see if all continues innocently.

�

Update: just went to check after signing out; the cookies have updated their expiry time to 12.41pm, 27th Feb 2013!

-- Edited by TinCanTadpole on Tuesday 28th of February 2012 02:02:43 PM

Rectalgia · Legend

Good Lord! There shouldn't be any userID cookie if we're not registered. Well, there could be a default which is really "no user ID" and yes, I finally found some blueprintbox cookies on my system (they're not the sort SAS would sweep up).

My present system is Windows (XP) with IE8 (all patches and the recent mandatory re-instillation), Firefox 10.0.2 & SeaMonkey 2.7.2 browsers (latest of the frequent updates to both of those Mozilla creations).

I deleted previous blueprintbox cookies from Firefox and from SeaMonkey (looked to be four of them for each) then visited the site via Google with IE8 (first time with that browser) and blocked all cookie requests (session cookies allowed but, apparently, none were set by this site). The index page (I didn't go further) loaded fine with cookies blocked (one requested from blueprintbox, four from googleleads.g.doubleclick.net, three from google.com and one from statcounter.com - ridiculous, innit? - quite a few external images, allowed). I want to see now if the deleted blueprintbox cookies stay deleted.

I think/trust it is all fine and anyway site cookies are only a fraction of any website's total security situation - but that all looks good to me too. However the cookie persistence thing you report is a bit of a puzzle and is not "nice" behaviour.

In Windows there are "Internet settings" which might over-ride settings in the browser(s) and I don't know whether cookies are automatically exported between browsers or not (shouldn't be - different policies - but ...?) and cookie storage locations and methods change with different implementations/upgrades of the browsers (and old caches of the things are not deleted and maybe are "migrated" to the new - I can't tell but, since the "internet experience" is usually quite unaltered after transition, I suppose so).

So, from all that which affects me but not you, whatever I experience might be quite different to that which you are seeing.

Steve

Rectalgia · Legend

Okay, my cookies have gone and stayed gone, even when I revisited the topic in "References" with the blueprintbox link (without clicking on it). I have, nevertheless, edited my original post to remove the "live" links there in case they are somehow triggering the unwanted permanence/update of site cookies through some "helpful" feature of Safari. See if that has made any difference.

Cookies are apparently not needed to visit blueprintbox though I'm sure the owners would prefer their use - they are a co-operative and no doubt like to have some detail on the "casual" site visits and return visits to gauge community interest though that might raise the usual privacy and security concerns (no reason to suppose there is any exceptional cause for concern with that site but the observed persistence of the cookies with at least one OS-application combination certainly seems unusual).

Steve

P.S. I's been a long time since I've used a Mac and I don't believe I ever used Safari on one but some current Windows browsers (at least one of them) have a drop-down selection (from the URL window of the browser) of sites visited by entry direct into the URL window (as opposed to clicking on a link) and that list is not cleared by deleting "browser history" (a separate procedure is used instead, a real PITA). I don't know if Safari is anything like that but that (or something like it) - with a little extra help from an ever-helpful browser - might/could be another source of recurring cookies.

[rant]I wish they would go back to building systems and applications that just do what they're told, not what the developers like to imagine the sheeple "want" which mostly corresponds with uncanny precision to the artificial needs of the phony internet "economy".[/rant]� Good morning, by the way. biggrin

-- Edited by Rectalgia on Wednesday 29th of February 2012 03:14:47 AM

CharlieC · Legend

�

It may not be the blueprintbox site that isn't playing nicely - looking at the cookie titles seem to be from the advertising content. Recommend using Adblock always and never use the IE browser.

Regards,

Charlie

Rectalgia · Legend

The problem complained of seems to concern blueprintbox site cookies but yes Safari AdBlock 2.3.9 for Mac is available (and perhaps the most recent incarnation after a brief search) and would presumably prevent any further interaction between the site advertising content and the site's own cookies and the visitor's local cookie cache.� A prudent choice for a Mac user with such concerns.

TinCanTadpole · Legend

Rectalgia wrote:
P.S. I's been a long time since I've used a Mac and I don't believe I ever used Safari on one but some current Windows browsers (at least one of them) have a drop-down selection (from the URL window of the browser) of sites visited by entry direct into the URL window (as opposed to clicking on a link) and that list is not cleared by deleting "browser history" (a separate procedure is used instead, a real PITA). I don't know if Safari is anything like that but that (or something like it) - with a little extra help from an ever-helpful browser - might/could be another source of recurring cookies.
[rant]I wish they would go back to building systems and applications that just do what they're told, not what the developers like to imagine the sheeple "want" which mostly corresponds with uncanny precision to the artificial needs of the phony internet "economy".[/rant]� Good morning, by the way.

-- Edited by Rectalgia on Wednesday 29th of February 2012 03:14:47 AM

�Good morning to you too! It's after 3am here, I should've gone to bed ages ago � �Probably about lunchtime in Oz?

I don't see any equivalent to those extra Windows drop-down selections, and after seeing the expiry time change, I deleted those cookies I had been going to leave to expire.

I wondered if their return could be triggered by going to the references pages of the forum, where the blueprintbox thread is located, but this doesn't seem to be the case; in fact, all I can say at present is that some�part of the forum seems to trigger it� confuse

A quick check - yep, there they are. I think they've appeared since I started this post. Maybe they are triggered when I post?

Charlie, hi. I don't remember if there were any ad cookies when I visited blueprintbox - when I need to let cookies in, I choose the options which rejects third party digestives.

I'm using Safari, not IE, which I only use on university computers - and that rarely. Adblock is not, to my knowledge, an option on Macs/Safari - unless you mean the cookie option which rejects third parties.

TinCanTadpole · Legend

Rectalgia wrote:
The problem complained of seems to concern blueprintbox site cookies but yes Safari AdBlock 2.3.9 for Mac is available (and perhaps the most recent incarnation after a brief search) and would presumably prevent any further interaction between the site advertising content and the site's own cookies and the visitor's local cookie cache.� A prudent choice for a Mac user with such concerns.

�Hmm, okay, so adblock is around for Safari too. Handy to know, but latest specs are not compatible with my aging OS.�

Rectalgia · Legend

Well, I'm stumped TCT. Since it doesn't seem to be links in the reference section causing your symptoms I suppose I could go back and restore them but shan't bother unless there is clamour and popular acclaim for a move to so do.

You could probably get a version of adblock to suit your version of Safari and Mac OS (older than OS X ? Good Lord, that's practically back to the abacus then). One good thing, if there were any exploits, spyware, etc. out there and able to affect Macs they may not function "properly" on the elder OSs). I soldiered on with a Windows 95 machine until a few years ago and noticed that several viruses hit it and just died there, surely being written for much later systems.

Most of the nasties are Windows-specific and cross-platform ones mostly work through cross-platform third-party applications (okay, like Safari). But not all, I suppose.

I should mention that VirusTotal URL analysis (currently using 19 independent scanning engines) - https://www.virustotal.com/url/8e93325f171e4c7c71d2dbb485ab6bee54338534122351a295a23e7524fe5c18/analysis/1330592319/ - finds no exploits in the blueprintbox index page and that (further) connection analysis confirms that it seeks to lodge two cookies:

Initiating server query ...
Looking up IP address for domain: blueprintbox.com
The IP address for the domain is: 74.50.83.150
Connecting to the server on standard HTTP port: 80
[Connected] Requesting the server's default page.
The server returned the following response headers:
HTTP/1.1 200 OK
Date: Thu, 01 Mar 2012 09:03:11 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.10 mod_psoft_traffic/0.2 mod_ssl/2.8.31 OpenSSL/0.9.7a mod_macro/1.1.2
X-Powered-By: PHP/5.2.10
Set-Cookie: sessionid=ri5r48e8phongip8qgck9frpd0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 4images_lastvisit=1330592591; expires=Fri, 01-Mar-2013 09:03:11 GMT
Set-Cookie: 4images_userid=-1; expires=Fri, 01-Mar-2013 09:03:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
Query complete.

As said, if those cookies are rebuffed nothing untoward happens (above query was from a simple query engine - IDServe.exe - not a browser, and has no provision to store cookies).

TinCanTadpole · Legend

Thanks for your interest and perseverance with this Rectalgia.

It's reassuring to see that virustotal.com sees nothing sinister in the website; I've noticed in the past couple of days a .google.com cookie popping up as well; whether this is related to the blueprintbox matter, or is an indication of something in my software (senility?) is another question.
Speaking of the software, I didn't actually mean it's prehistoric, it's just that OS X Tiger has been superceded about three times at least; there was Snow Leopard, something else I think, now they're bringing out Mountain Lion. AFAIK, none of these newer versions will run on a mac with a G4 processor. They require higher specs, which Apple provided by switching from IBM G-series chips to Pentium dual core ones, as the G5 chip intended to replace the G4 ran too hot. I'm guessing it would've been too much for lap use, as even the G4 gets rather warm on occasion.

I've an idea that the recurrence of these cookies happens when I submit a post on this forum. Why, I'm not exactly sure - it would have to be related to what I was doing on the day I visited blueprintbox. I'll submit this post, then take a look at the cookie list.

Update. Nope, nothing there at present, except the .google.com cookie titled PREF, which I hadn't deleted from yesterday or the day before.

Update 2.�They returned, some time between the update above and checking through other recent posts (without posting myself). It may be related to a thread I looked at around the time of visiting blueprintbox. Not sure if there's any way round it if so, although I could still try resetting Safari, providing I export my bookmarks first.

-- Edited by TinCanTadpole on Thursday 1st of March 2012 09:46:05 PM

-- Edited by TinCanTadpole on Thursday 1st of March 2012 10:09:15 PM

geod-LA · Sergeant

I've just noticed this thread but, as I too was bothered with regenerating cookies, I may be able to offer some help.

In essence, there are two types of cookies which are resistant to normal deletion procedures:

(1) Flash cookies - these seem to get accepted even if you have the 'Accept no cookies' option turned on, at least in Safari and Firefox. Worse yet, if they get placed in one browser, they are available to others.

(2) Evercookies - these stick to your computer can and regenerate themselves so that you get tracked no matter what you do.

These are sneaky, cheating, undead cookies but fortunately there is hope.

(1) With Flash cookies, you can go to Adobe/Macromedia's web site to see and delete whatever's been inflicted on you:

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

There's also some software to handle deletion for you: there's Flush (Mac), Delete Flash Cookies (Mac) and Kill Flash Cookies (multi-platform). Of these, I have only used Kill Flash Cookies.

I'm afraid I don't know the URLS for these but a search should turn them up.

(2) With Evercookies, I use a Mac-only script called kill-evercookie from:

http://www.welcome2inter.net/news/newsdetails.html?identity=31

Doubtless there will be Windows/Linux equivalents around.

Just to be clear: I have no connection with the makers of any of this software; I'm just someone who values my privacy and resents people sneaking around trying to violate it.

TinCanTadpole · Legend

Thanks for replying, geod-LA; my particular problem cleared up on its own after a couple of weeks or so - to my relief. It's not entirely reassuring not to know why it suddenly stopped, but at least it did - and your tips are welcome, should it happen again.

I haven't used blueprintbox since the problem, but there are other sites such as 'the-blueprints.com' which I may look over - I'll just be sure to disable cookies FIRST!

Rectalgia · Legend

By the way ... you can have your browser's cookie handling tested/probed at http://www.grc.com/cookies/forensics.htm (a page on Steve Gibson's website). The probes are particularly helpful in verifying the effects of different privacy settings for your browser.

TinCanTadpole · Legend

Ta.