Feeds

NSA involved in snooping cookie shocker

What's next?

Beginner's guide to SSL certificates

Holy global eavesdropping network, Batman! The NSA has - or rather had - cookies on its website.

Daniel Brandt - he of Google watching and Wikipedia fiddling fame - discovered a pair of cookies lurking on the NSA's (National Security Agency) website. The cookies were set to expire in 2035 and could be used to track your online activity. That's a big no-no under federal rules that forbid the use of most persistent cookies.

The NSA removed the cookies after Brandt brought the issue to the agency's attention and after the AP started asking questions.

"After being tipped to the issue, we immediately disabled the cookies," NSA spokesman Don Weber, told the news service.

Government agencies can use cookies of the non-persistent variety but are discouraged from keeping an ongoing watch on citizens.

The NSA? Cookies?

We know, we know. You're shocked.

In the context of the NSA's constant global monitoring of communications and more recent wiretapping flap, a couple of cookies hardly seem like a big deal. And, in fact, they're probably not. The NSA has played off the appearance of the cookies as an accident. A software upgrade allowed the nasty, persistent buggers to sneak on the website.

As Brandt points out, however, there are no exceptions in federal guidelines for "accidental" snooping.

Or so we think. It seems that just about anything goes these days.

As Ty Webb once remarked: "This isn't Russia. Is this Russia? This isn't Russia." ®

Intelligent flash storage arrays

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.