Thanks to both chriso and munk as I finally got this to work on both vista and XP.
Once again, your help is appreciated.
I've installed the NoScript add-on in Firefox and blocked iesnare, no problems. However, how do I know whether or not to accept all the other things it highlights.
For example, on this site it asks if I want to block google-analytics!
Google produce stats of how many people have visited your website, where they have linked from (en mass, it doesnt say individual people but it would say 17 people from link WWW.BLAHBLAH.COM • Index page, or whatever), what country they are from, that sort of thing.
Originally Posted by trinitybruce
It doesnt do any harm, but i should imagine it is that, turn it off and i should guess you are not then put into the stats, but i am guessing most of this i dont know for sure. If you want me to find out for sure I can ask Ian who would probably know but Munk will read this thread soon anyway and he would DEFINITELY know what it is.
Its not going to be anything bad though.
Have a plan and stick to it
Google analytics just tracks your movement around a website that's subscribed to google analytics so that website owner can view how people use their website. It's not malicious per se, but some would argue that it's an intrusion of your privacy for Google to track your movement around the websites that use GA.
I don't mind it really, but then I maintain a few sites that use Google Analytics and I know how useful it is to have those kind of statistics - TGT itself actually uses Google Analytics! Again I say it's not malicious, it's just a tool that webmasters use to help track / profile site usage.
i keep finding a "tracking cookie" when running system scans on my PC, i can delete them but am curious as to whether i can block them or i suppose ultimately what are they doing on my system? what are the implications of a tracking cookie?
'tracking cookie' is a bit of a truism, all cookies track you, it's what they're meant to do really.
I don't know if this is too much info but here goes...
HTTP is a stateless protocol, it doesn't have any way implicitly to track your progress from one web page to another - so for example when you click on a link from one page on a website that takes you to another page on a website, HTTP doesn't have any way of tracking any site specific info between those two pages.
So what happens is the website will tell your web browser to write a cookie - just a small file that contains information about what you're doing, your settings for the site, maybe where you came from to get to the site, etc etc. Now when your browser goes to another page on that same website, the other page can also read the same cookie that was written on the previous page.
Cookies aren't malicious in and of themselves.
These 'tracking' cookies you talk of are probably from advertising websites, when you visit some sites they will make a call to an advertising site which might place a cookie on your machine to track you as you go from one shopping site to another. They're used for affiliate tracking to pay advertisers if you clicked on their links etc.
The way they work is actually quite similar to the way iesnare works, but they're not quite as pernicious as iesnare (for a start it's a lot easier to block them if you wanted and generally they don't lead to you being restricted in what you can/can't do as iesnare is). Whether you block them is up to you.
Very quick question - I tend to clear my cookies on a regular basis to prevent being constantly spied on. If I had iesnare installed (which I don't appear to at present) then would this action wipe that too rather than go through the steps described? I use Vista by the way.
After a break from betting my profit at the end of January 2010 (13 months since starting) is at £6,153.
No it wouldn't - iesnare uses flash cookies which are different from the normal cookies used by the web browser. Even if you wiped the flash cookies regularly though that possibly wouldn't stop iesnare...
Originally Posted by amberpunter
Think about it as though you're going through customs at an airport and you have your fingerprints scanned, they get added to a central database somewhere. You object to this so you ask the airport to remove your fingerprints from their system - they do this but they only remove the fingerprints from the scanner at the airport, it's still on the central database though so next time you have your fingerprints scanned they still get compared to those on the central database anyway.
Maybe not a great analogy but closeish - if you remove the flash cookies that doesn't really do a lot because the 'damage' has already been done and your digital fingerprint has been submitted already and next time you use that machine somewhere that uses iesnare, the fingerprint will get compared to those on the central db again.
Note this may be completely wrong, it is a closed system after all, but I imagine this is how it works.
If you use CCleaner to clear cookies it does clear flash cookies as well as normal ones. But Munk is right - you really want to stop iesnare from getting on your computer in the first place and take steps to cripple it just in case it does sneak through.
I know that CCleaner clears flash cookies because I have it set up to run every time I restart the computer and it clears the settings of Flash player itself, which are stored is Flash cookies. Which leads me to another layer of protection that you can use - the Flash player settings. Oddly, you have to access this through a web page
Adobe - Flash Player : Settings Manager - Global Storage Settings Panel
Go to the second tab from the left - Global Storage Settings and move the slider completely to the left. This will prevent Flash content from being stored on your computer without you receiving a prompt to accept of reject it. Don't forget that you may need to reset this every time you clear cookies (definitely if you use CCleaner).
The only way to block iesnare is to follow the steps in post 1 above, deleting flash cookies won't help because the damage has already been done by that point - in fact precisely IF you find flash cookies and delete them, it is imperative you follow the steps in the OP to cripple iesnare.
The reasoning being that if your fingerprint has already been sent to the iesnare central database (which will almost certainly be the case if you find iesnare flash cookies and delete them), then the next time you visit a site that uses iesnare they will interrogate the central db to see if your device's fingerprint is there - and it will find your fingerprint as well. Therefore you really must cripple iesnare totally so it can't talk to the central database.
Regarding IP addresses and how that changes things if you change your IP address or use another machine - yes that's fine if you use another machine / IP address because your device fingerprint will be different. However then you have that other machine's fingerprint on the central server (as I type this I think the laptop I'm using now is probably fingerprinted now since I forgot to block iesnare on this machine I think1!!!) and so if you use that machine/IP regularly you might have the same issue.
Whether or not just changing IP address is enough to change your fingerprint, I have no idea, it's a closed system so noone knows what criteria they use to make up your device's fingerprint.