Thursday, November 26, 2015

When Cookies Bite Back

Tracking Cookies: What They Are, and How They Threaten Your Privacy 

Not all Web browser "cookies" are bad. They're what let you continue to access a website without re-entering your password on every page. Without cookies, every time you clicked a link on Facebook, it would be necessary to enter your email and password again.

The preferences you establish for search engines, such as Google, would have to be reconfigured every visit. A cookie is a small store of data entered into the website to facilitate this ease of access. Every modern Web browser uses cookies as an essential part of its design.

What is a tracking cookie?

Like every type of program out there, there are versions of cookies that present a risk to the safety of information you enter online. These are known as tracking cookies — specialized versions of cookies that record your entries and report them back to wherever the cookies' designer wants your data to go.

Since you've likely never had to deal with cookies beyond emptying out your browser cache to free up hard-drive space, it's easy to see how a hidden tracking cookie could be installed without your knowledge and be monitoring your activities right now.

How do cookies work?

A regular cookie is essentially a small text file, sometimes only a few kilobytes in size, which contains options the page will load for you upon subsequent visits.

For example, if you turn the SafeSearch option to "high" or "off" in Google, your Web browser would edit the cookie for with a bit of text that tells the Google website to set the SafeSearch option to your setting. However, instead of being held on Google's servers, the cookies are stored on your computer.

That's because servers that host websites already contain massive amounts of data. If the settings for every user who came to each website were stored on Web servers, many site servers would quickly run out of storage space. This is why the load is spread out among individual visitors.

What do tracking cookies do differently?

A tracking cookie takes the regular cookie process one step further and sends a log of your online activities, usually tied to your Internet Protocol (IP) address, to a remote database for analysis. Many tracking cookies are benign and want only to use your information, along with the data of millions of other anonymous users, for marketing analysis.

However, some cookies are designed by programmers to send specific user information, which can include names and addresses, out to the tracker host.

If the host recognizes a cookie on the browser whenever an ad or page is loaded, it can send the record of your visit to the logs and more precisely target you with ads geared to your next visit. Some ads will even address you by name and mention your location.

To many Web users, such practices are an invasion of privacy, and naturally lead to concerns about whom the ad companies are sharing personal data with. 

The federal government is moving forward with a "Do Not Track" proposal that would let people control exactly what they divulge online. Most Web browsers have made Do Not Track an optional feature that users can switch on, but most websites don't honor it.

How to avoid tracking cookies

There are a few different ways to deal with cookies, tracking or otherwise.

First, be sure to regularly clear out cookies when getting rid of other stored private information in a Web browser. This should not take long, and there is likely a large button in the Privacy options that refers to deleting cookies.

Next, you can decide what level of access cookies should get. If you allow all cookies, you are setting yourself up for a potential recording of your personal data. Disallowing third-party cookies usually limits the number of "dangerous" cookies that can be installed.

Finally, be sure that you are up to date on the privacy policies of sites you visit frequently. Often, websites will disclose the use of tracking cookies as part of legal disclaimers. Knowing the attack is coming is always vital in setting up the defense.


As an aside, I recently received an e-card.  Before opening it, I cleared my cookie cache, except for the seven permanent members, which I keep around because they make my browsing easier.  Then I opened the e-card – very nice, thank you! – closed it, and counted the cookies again.  Total count: 147.  Subtract the seven “regulars”, and that leaves 140 cookies dumped in the computer by ONE e-card.  

When you view a webpage, Internet Explorer saves a temporary copy of that page so that it can be displayed more quickly if you open it again later.  Cookies are a small text files that websites put on your computer to store information about you and your preferences.

All these little temporary files and cookies can accumulate at an alarming rate.  You need to flush them from your browser/computer regularly.  If you don't, your browsing speed will slow to a crawl.

If you've noticed a slow-down in the response time of your browser - pages load slowly or crash - it may be time to clean house.  I do my cookie cache every evening before shutting down the computer - it takes about a minute, and I run a program called "Spybot" to detect and remove spyware and malware form my computer.  If you have an accumulation of temporary files, SpyBot will ask you if you want them removed.  I do this about once a week or so.  It takes longer, but you don't have to do anything while it runs, so you can go brush your teeth and turn down your bed while it's working.

You can download SpyBot for free HERE  Sorry, it's only for PCs...