Original URL: http://www.theregister.co.uk/2005/12/29/nsa_cookies/

NSA involved in snooping cookie shocker

What's next?

By Ashlee Vance

Posted in Policy, 29th December 2005 01:26 GMT

Holy global eavesdropping network, Batman! The NSA has - or rather had - cookies on its website.

Daniel Brandt - he of Google watching and Wikipedia fiddling fame - discovered a pair of cookies lurking on the NSA's (National Security Agency) website. The cookies were set to expire in 2035 and could be used to track your online activity. That's a big no-no under federal rules that forbid the use of most persistent cookies.

The NSA removed the cookies after Brandt brought the issue to the agency's attention and after the AP started asking questions.

"After being tipped to the issue, we immediately disabled the cookies," NSA spokesman Don Weber, told the news service.

Government agencies can use cookies of the non-persistent variety but are discouraged from keeping an ongoing watch on citizens.

The NSA? Cookies?

We know, we know. You're shocked.

In the context of the NSA's constant global monitoring of communications and more recent wiretapping flap, a couple of cookies hardly seem like a big deal. And, in fact, they're probably not. The NSA has played off the appearance of the cookies as an accident. A software upgrade allowed the nasty, persistent buggers to sneak on the website.

As Brandt points out, however, there are no exceptions in federal guidelines for "accidental" snooping.

Or so we think. It seems that just about anything goes these days.

As Ty Webb once remarked: "This isn't Russia. Is this Russia? This isn't Russia." ®