Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Cookie Stuffers on macRumers.com

K

KonichiJ

macrumors newbie
Original poster
Aug 29, 2009
22
0
Wanted to post this to make moderators/admin at macrumors.com aware of a potentially harmful practice occuring on your forum.

There are over 4 posts on this forum that include an image link to snagpic.c-m with a 1x1 .gif, including here:

https://forums.macrumors.com/threads/721136/

and here,

https://forums.macrumors.com/threads/719869/

that may contain data that will plant a cookie within one of your visiting guest's, moderator's, or admin's webbrowser for website affiliate programs like amazon.com or eBay partner network which will earn the offending poster or website if your visitor were to visit that said affiliate program's website to make a purchase. The cookie may override any cookie that your website fairly placed on that user's computer potentially stealing away any earnings that you should have earned.

This exact same thing happened on my own forum this week. The offending posters had placed the .gif on my website, which after further inspection, did not contain harmful data...but could have at a later date should they decide to manipulate that data for the cookie stuffing method.

Here are some links on your forum with the clear.gif posts

http://www.google.com/search?hl=en&...crumors.com+snagpic&btnG=Search&aq=f&oq=&aqi=

Take care,
 
Interesting, there aren't really images on that page aside from the avatars.
 
The images are so small (1x1 pixel), you can't view them without doing a "view source".
 
So you're saying these are harmful? Sure you know the source of them?
 
"potentially" as it will be macrumors.com's job to figure that one out. I don't think a .gif or .jpeg could do any real harm to an unsuspecting user's computer but it could harm macrumors.com's bottom line stealing away earnings that could pay for server costs and other expenses for hosting a website.

Wiki article on cookie stuffing: http://en.wikipedia.org/wiki/Cookie_stuffing
 
Thanks for the feedback, the search results you linked to are from the google cache and were actually deleted from the forums on the 17th of August having only been up for a very short time.

As you probably realise from your first post the url that the specific case comes from is blocked.
 
ah, very good. I hadn't gone that far into detail.....

I just noticed I mispelled macrumors on the thread title.... heh. Anyway, I'm kind of on a mission this morning to find some forums with these posts....looks like you've already taken care of everything here. Take care...
 
Just a note that browsers have a setting to only allow cookies from the site you're visiting, and blocking ones from 3rd party sites, which I believe will keep the cookie stuffing from happening. Below is how to set your browser to not accept third party cookies.

Firefox: Preferences > Privacy > uncheck Accepts third party cookies

Safari: Preferences > Security > choose Accept cookies: Only from sites I visit

Opera: Preferences > Advanced > Cookies (left panel) > choose Accept only cookies from sites I visit
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back