annybbody

Hi Eveyrone I'm a final year cs student just doing project about behavioural targeting. My task is to create a tool that will show flow of user information related to targeted advertising. My initial approach is for the plugin to scan http headers as they always include body and name of the cookies and to scan javascript of the website. The cookies usually contain details such as past browsing history(keywords, logins, website addresses), etc. For this, I'll use a compiler and regex to scan the body of cookies and script and show parsed content with comments to the user, e.g. "you have been assigned with the following user ID on website X. It has collected the folliwng information from your PC, based on (e.g. cookie name) : (info)." Now, to target an ad, the website would need to access third party cookies on user's PC. I'm hoping it would be possible to detect when the website accesses a cookie from a completely different domain and in this way conclude the ad has been targeted. I've only just started so these are very raw ideas. My questions are: 1. If you consider everything that happens between client and server e.g. website being downloading users' cookies, are all activities/interactions included in HTTP headers? 2. Also, are all relevant instructions in javascript code of the website reflected in HTTP headers? 3. Provided that headers include cookie name and content, is there a possibility for the website to implicitly (without showing such activity in http headers) scan contents of another cookie stored on user's PC? For example, there is one set of cookies named _utmz created by Google Analytic, which contains all the keywords previously typed into the browser from various websites. I'm pretty sure the name is always the same so it could be stratightforward for any other website to search for it. 3a. If it is implicit in terms of headers, is there any other way to detect it? 4. Also, can anyone say how difficult it will be to write javascript code that will access Firefox headers and gain access to sqlite file containing the cookies? 5. Anyone has an idea how to interpet the follwing cookie access time: 1320174614684000 located in sqlite file placed by fireox 7? Any thoughts or reading suggestions would be much appreciated.