On the cookie idiocy
From the level-headed responses I've read regarding the NSA's web cookie whoopsie, Captain Ed has to have the best analysis:
In the great spectrum of Internet privacy dangers, "persistent cookies" sits on the weakest end. Spyware from free downloads cause more security problems than cookies, and even the ones used by the NSA can be blocked by any browser on the market. The AP uses the mistake to make cookies sound vaguely sinister when they're almost as ubiquitous on the Internet as pop-up ads, if not more so. The Guardian gets even more hysterical, in all senses of the word, when it says that the "[e]xposure adds to pressure over White House powers".
The silliest part of the story is that no one can understand why the cookies would present any danger to visitors to the NSA website. Both versions of the story call the risk to surfers "uncertain", but a more accurate description would be "irrelevant". Even if the NSA used it to track where casual visitors to its site surfed afterwards, it would discover nothing that any casual surfer wouldn't already be able to access on their own with Google or a quick check on Free Republic. Now imagine who stops to check on the NSA website and try very hard to come up with any good reason to spend precious resources on scouring the web preferences of bloggers and privacy groups instead of focusing on real signal intelligence, which already comes in such volume that the agency has trouble keeping up with their primary task. [Emphasis in the original.]