Karl`s PC Help Forums

Websites Log Out Issue
JackInCT - 29-9-2013 at 16:59

Re Windows OSs & various web sites log outs:

I've noticed for quite some time, regardless of what browser that I'm using [I have 3], that when I hit the logout button, after the screen resets, I see my email address (which for that particular website is what is needed (mandatory) to log in, and a series of large "dots" in the password block; the number of dots correspond to the length of my password; this is all visible in the sign in/log in window. None of the options/preferences in any of my broswers seem to prevent that. I DO NOT store any passwords/sign in stuff in any of my browser's options/preferences, so that can't be the reason why this occurs.

I'm wondering when I close out the website if my email address, and those dots, "vanish" into cyberspace, or knowing the security holes that exist in the various Windows OSs whether they are stored somewhere on my PC, and are thus accessible to some knowledable hacker who knows where to look for them; even the number of "dots" would tell a hacker how many characters he has to crack.

Anyone know anything about any of this?


Katzy - 29-9-2013 at 21:04

In many cases, now, the number of dots doesn't, in truth, relate to the number of figures in the password. :)

Those passwords are only stored on your machine, if you click "Remember password". But, if you do that, the passwords are quite heavily encrypted. So, unless someone actually uses your own machine, to access these sites, you should be OK.

That having been said, there're freely available programs that can crack those dots, if you set your machine to remember passwords. (I have such a program, myself).

But, again, they'd have to actually use your machine, themselves, to do that.

Those dots are only shown so that anyone looking over your shoulder won't see the password.


LSemmens - 29-9-2013 at 23:56

If you have set your machine to never remember passwords anyway, what might be happening is that a cookie is still "holding" your login details until you close that session. What happens if you close the browser and re-open it? Do the login details persist?


JackInCT - 30-9-2013 at 15:44

Quote:
Originally posted by LSemmens
If you have set your machine to never remember passwords anyway, what might be happening is that a cookie is still "holding" your login details until you close that session. What happens if you close the browser and re-open it? Do the login details persist?


Yes, you're right. It is most likely a cookies 'phenomena'. If I do close out the site (completely), and then immediately go back to it, the log in stuff is not there. The cookies are likely "gone" for one of two reasons, (1) in Firefox I have the Tools/Options set to "never remember history", and perhaps also due to an addon called "Ghostery" (http://www.ghostery.com/), & (2) in IE, I have the IE version of Ghostery, plus the "Delete browsing history on exit" in Tools/Internet Options checked on.

One caveat though: IF I remember correctly the Windows OSs delete file system deletes files by "renaming" the deleted file to begin with an "x" character, and is not, literally, 'vanished' from the HD. That system is how, with the right software, you can 'resurrect' (possibly) a deleted file. My point here is that you shouldn't assume that the cookies are really no longer in existence. And I don't really know if the 'typical' delete tracks/history type software does indeed completely vanquish the cookies.


Katzy - 30-9-2013 at 21:09

Dunno how the others work... But, Opera saves the cookies in a single, heavily encrypted file. :)


JackInCT - 30-9-2013 at 22:54

Quote:
Originally posted by Katzy
Dunno how the others work... But, Opera saves the cookies in a single, heavily encrypted file. :)


Re Opera: you do have a choice under Tools/Preferences/Advanced [tab]/Cookies to check off a setting called "delete new cookies when exiting Opera"; there are 5 choices as to how to "manage" cookies.

There is a rather old (mature) freeware tracks eraser called CCleaner - "CCleaner is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner."

Obviously there are pluses and minuses re whether to erase cookies. I have no idea if a hacker could, theoretically speaking, ever use cookies to do evil.


LSemmens - 1-10-2013 at 02:34

I use cCleaner regularly. It can wipe free space, too, if you are paranoid.


Katzy - 1-10-2013 at 09:17

I used CC, once, to clean the registry.

I wouldn't trust it to do anything, after that fiasco...

But, the point I was making, is that even trying to restore deleted cookies won't be easy, in Opera, at least.

I somehow doubt that the same could be said about IE...


JackInCT - 1-10-2013 at 14:49

Quote:
Originally posted by LSemmens
I use cCleaner regularly. It can wipe free space, too, if you are paranoid.


The list of end users who are NOT paranoid about Internet security was NEVER very long to begin with, and gets shorter every day as new revelations about the USA's NSA shenanigans are revealed. While few private individuals have the resources to eavesdrop/crack passwords/etc. like a government can, it's only a matter of time until private individuals have the same software and algorithms to do so IMO.


LSemmens - 2-10-2013 at 00:39

I'm surprised that cCleaner stuffed your registry so badly, Katzy, I've never had any issues with it. That said, Any program that has such low level access has the potential to screw up things, so I always use them with the expectation of having to break out my recovery media anyway, and have never needed to do so. Heck, not since windows 2000 have I needed to perform a system reload on a regular (6 mths) basis. I can't recall how long since any of my machines were reloaded. (I did try Hissta and that lasted about 1 week but that was to be expected, XP and 7.........)


JackInCT - 2-10-2013 at 03:00

Quote:
Originally posted by LSemmens
I'm surprised that cCleaner stuffed your registry so badly, Katzy, I've never had any issues with it. That said, Any program that has such low level access has the potential to screw up things, so I always use them with the expectation of having to break out my recovery media anyway, and have never needed to do so. Heck, not since windows 2000 have I needed to perform a system reload on a regular (6 mths) basis. I can't recall how long since any of my machines were reloaded. (I did try Hissta and that lasted about 1 week but that was to be expected, XP and 7.........)


Re CCleaner: Under Options/Advanced there is a check off box pertaining to using the Registry Cleaner called, "Show (a) Prompt To Backup Registry Issues"; after you click the "Scan For Issues" button, and then the "Fix Selected Issues" button, you will get a "do you want to backup changes to the Registry" prompt with a yes, no, or cancel option. If you click "Yes", you will be offered a file name to save [a CCleaner generated filename such as 'cc_20131001_225021.reg'; but you can rename the file to anything you want]. I have always presumed that this file was the equivalent of "Restore" (as least as far as the Registry was concerned). This file is, by default, stored in Libraries/Documents, but you can store it anywhere. Since I have had ZERO issues with the Registry Cleaner over these many years, I have never really tested using this file as to whether it's 'perfect' re its purpose.


LSemmens - 3-10-2013 at 10:09

I'm with you there, Jack, FWIW, I never back up changes anyway, if it kills something that I need (which it never has) I am more than willing to reload anyway.


dr john - 3-10-2013 at 19:59

Re saving history and how is it actually deleted.

ALL operating systems make a file appear to be deleted by changing the first character to a character that indicates "this is deleted" That's how file recovery programs work - scanning for such files and offering to change that first character (although the sectors of the disk that it used could be overwritten by another file).

Web browsers use a small database, almost always SQLite. The history record in the database is deleted. Not the file (as that's the database) , but the file contents under history.

But a more important point is WHY do you set it to delete your browser history???
What are you afraid will be seen? Does someone else use your computer who you don't want to know about what sites you visit?

Browser history is very, very useful. Especially if you have visited a site, not added it to favourites / bookmarks (which is also a part of the SQLite database the browser uses) and then want to find it again. Just look in the history and go to it. Ditto if you accidentally close the browser when you meant to minimise it. Typing just the first few letters of an url can result in the full url being displayed, another useful timesaving feature. Browser history is your friend! It is not an evil thing.

Cookies are not evil things either. They are a simple text file that stores details about how you are browsing. In a shopping cart, any shopping cart, the cookie stores your order details and passes them from page to page within the shopping cart, so that you can actually buy the item.

Cookies can store your password and username, making logging in to a forum like this much easier. And if you do not log out of the forum, but instead leave it for another site, you are instantly logged in next time you visit the forum - as happens to me when I visit this forum - because the login cookie says you are still logged in.

SOME sites store the fact that you clicked on an item for sale and can use that to show you the item in adverts, and this has got cookies a bad name.

Personally, I find a lot of the things people do such as deleting browser history and cookies and cached web pages just a bit paranoid.


LSemmens - 4-10-2013 at 00:31

Whilst you are correct in all that you say, John, I do have everything set to "delete" when I close my browser. Cookies and history, if all that was stored was just a recent history, that would be fine, but, as you said, cookies can be used to target advertising, and can be used to garner "personal" information for purposes that was not the initial intent. Browser history, like temp files, can be useful, but it can also be like looking for a piece of paper in a pile of identical pieces. I tend to keep my machine "lean and mean" and delete unnecessary stuff as I go, probably because I grew up with floppy disk based systems and microscopic Hard drives, remember the, then, "huge", 20Mb drives?


JackInCT - 5-10-2013 at 18:10

I'm with LSemmens on this.

IMO a distinction absolutely needs to be made re the difference(s) between paranoia and naivete (AKA foolishness). The internet is driven, for the most part, by a less than pure form of the so called free enterprise system. Cookies are not the sole source of tracking an end user. My Ghostery software clearly shows a number of companies on any given website attempting to follow my surfing (attached image file of one site, I. e., Ghostery is blocking those companies). Without Ghostery I would not know they even existed. Tracking = logging my surfing (and very likely selling that info).

Karls Forums is not a good place to debate the complexities of an end users right to privacy, especially when there are entities who feel that right interferes with their goal to make money (and who could care less what private citizens wishes are). Such a debate would have to delve into who actually owns what 'piece' of the Internet. Similarly a CLOSELY related issue of a government's perception of 'national security' and what they can do would have to be a component of such a debate since they are obviously as interested in what their citizens are doing as any money making corporation.

IMO it was a strategic blunder of major proportions to create the Internet as "free" (except for the ISP access and what those fees pay for). That perception of a "free" ride pandered to the base human desire of 'something for nothing'. Understanding all the underlying structure (hardware, software, etc.) that 'runs' the Internet is something the vast majority of people have zero desire to understand (and who is paying for what AND who is making money off an end users use of the Internet).

Don't recall ever getting a check in the mail from anyone who used my surfing to sell (oh yes, I'm pretty sure "they" have a pretty good idea of my mailing address)!


LSemmens - 6-10-2013 at 00:02

If the internet were not "free", as you put it, Jack, would it have become the force, for good, or bad, that it is today? Would we be even having this discussion?


JackInCT - 6-10-2013 at 00:46

Quote:
Originally posted by LSemmens
If the internet were not "free", as you put it, Jack, would it have become the force, for good, or bad, that it is today? Would we be even having this discussion?


Rather than monopolize the discussion, I'm going to pass on a direct answer to your question, and instead urge the other members of this forum to weigh in on this matter. Feel free to request a moderator to move such a discussion to what they feel is a more appropriate area of this forum.


LSemmens - 6-10-2013 at 10:40

I am a mod, Jack, so can move it wherever. BOT, did you sort the original problem out, or did we get sidetracked?


JackInCT - 6-10-2013 at 15:18

Quote:
Originally posted by LSemmens
I am a mod, Jack, so can move it wherever. BOT, did you sort the original problem out, or did we get sidetracked?


Yes, I now have a full understanding of why the sign in/log in info is visible after I sign out (and why it doesn't reappear when I go back to the site). Since my use of CCleaner has been positive, I will add an "overlay" [the proverbial 'abundance of caution' which seems to be thee buzzword in the USA media] of using it after I log out, especially immediately after I log into a site where I use my credit card.

As far as moving any discussion of the Internet goes, I'll leave it in your good hands to decide whether there are enough forum members interested in "debating" such a topic to warrant doing that.


LSemmens - 6-10-2013 at 23:28

Thanks, mate. I'll start a new thread, that would be easier.