Published Aug 25, 2022 by Xiph
You’ve seen it a hundred times – you’re visiting a new website, see a pesky notification informing you that the page is using cookies to track you and it asks you to ‘accept all cookies’ to ‘enable core website functionality’. The site may invite you to read its cookie policy (which you never do), and it may tell you the tracking is to ‘enhance’ your browsing experience, although it feels very much like a trade-off with your data.
Web cookies track and store all kinds of information relating to your browsing activities including which websites you visit, and exactly what you get up to once on those websites. That’s why it’s important to understand how cookies work and to manage how your browser stores these packets of information. Here’s everything you need to know about internet cookies.
What do internet cookies do?
Cookies, also known as web cookies, internet cookies, or tracking cookies, are small packets of data that your mobile or computer receives from a web server and sends back without alterations to track and monitor your activity when you’re browsing a website. Cookies allow websites to remember your device, browser preferences, and other online activities like what websites you’ve previously visited, your on-site scrolling speed, where your mouse hovered, which links or buttons you’ve clicked on, and what you’ve purchased from any e-commerce sites you’ve visited, search queries on Google, and more.
Basically, cookies carry your information from website to website, or between sessions on related websites. They’re meant to improve your user experience on-site and, on the web, more broadly, although this tracking is often a trade-off with your privacy.
How do cookies track your data?
Tracking cookies are created by the web server upon your connection. This data is labelled with an ID unique to you and your computer and exchanged between your computer and web server. The server then reads the ID and knows what information to specifically serve you when you return to the website or certain pages. All websites use cookies to improve their functionality, for analytical purposes, to serve you personalised ads, or for all three purposes at once.
Cookies can store and track information specific to you, including:
- Personally identifiable information like your name, email address, home address, and phone number
- Your devices’ IDs
- IP (Internet Protocol) address/geolocation
- Login information and passwords
- Operating systems, browser preferences, language settings, etc.
Cookies can also track information relating to your online activity and behaviour, including:
- Page views, including session durations, bounce rates, etc.
- Purchase information (items in your shopping cart and what you’ve previously bought)
- Website referrals from social media, search engines, etc.
- Time stamps
- Privacy settings such as cookie preferences
Read more: 8 easy tips on how to stay anonymous online
Types of internet cookies
There are three main types of tracking cookies: persistent cookies, session cookies, and third-party cookies.
- Persistent cookies: Persistent cookies also known as permanent cookies, are stored on your device indefinitely to help remember your browsing preferences, settings, and information for future visits like sign-on credentials, usernames, passwords, etc. These cookies can track multiple visits to the same site over time. Most online shopping sites use persistent cookies to track visits from users, including their pages and products viewed. Facebook and other social media sites use persistent cookies to keep your login details so that you don’t have to sign in every time you use their platform.
- Session cookies: Session cookies are server-specific cookies that delete immediately after closing your browser (when the session ends). Many websites use session cookies for essential site functions. An example of a session cookie is a shopping cart on most e-commerce or online shopping websites. These allow you to keep items in your shopping cart even after clicking on a different page. Without session cookies, you wouldn’t be able to add multiple items to your cart.
- Third-party cookies: Third-party cookies − also known as tracking cookies − are those placed by advertisers (not the website you’re visiting) to follow you around the web and track your every move to later serve you personalised ads. On the other hand, first-party cookies are directly stored by the websites you visit.
Should you accept cookies?
There is no obligation to accept cookies all the time, but they do help improve your user experience on a website. Banning all cookies makes some websites difficult or sometimes impossible to navigate. However, you can change your cookie settings to limit third-party cookies and other intrusive tracking cookies to protect your online privacy while still making it possible to shop online and carry out similar activities.
Third-party cookies which follow you around the internet to track your broader online activity and serve you targeted ads don’t impact user experience, so you should always block third-party cookies when you can.
You can also delete cookies from your computer anytime, although this will erase information saved in your browser, including your account passwords, website preferences, and settings. You should clear your browser cookies once a month and immediately after a session if you’re using a public computer.
Are internet cookies safe?
Internet cookies are generally safe because the data in cookies doesn't change when it travels back and forth. Internet cookies can’t carry viruses or other malware to infect computers and can’t directly steal passwords. They simply save scrambled data on your device that only the website can decode.
However, there are pseudo-malicious files like ‘supercookies’ that get stored at the network level rather than the browser level. Unlike HTTP cookies, these aren’t designed to be stored in normal cookie storage locations and represent a potential security risk. They can access information like your browsing habits and login credentials even after you’ve deleted your cookies.
There are also ‘zombie cookies’ which automatically return to life (hence the zombie moniker) after being deleted, making zombie cookies tough to manage and delete completely. It’s also important to remember that there are viruses and malware that can be disguised as cookies. Third-party tracking cookies can also cause security concerns since they make it easier for parties you can’t identify to watch where you’re going and what you’re doing online.
How to manage internet cookies
All internet browsers have a function that allow you to change your security and privacy settings, including managing cookie preferences. Follow these steps to manage your cookies in your browser:
- Open your browser
- Find where cookies are stored (based on your browser)
- Chrome: Click Chrome Menu > Choose Preferences > Expand Advanced Settings > Select Privacy and Security > Open Content Settings > Select Cookies
- Internet Explorer: Click Tools > Click Internet Options > Select General > Select Browsing History > Click Settings
- Safari: Click Preferences > Choose Privacy > Click Cookies & Website Data > Manage Website Data
- Mozilla Firefox: Click Options > Privacy & Security > Choose Cookies & Site Data > Clear Data
- Choose your cookie settings – you can enable, restrict or ban cookies based on your preferences
Can a VPN block internet cookies?
A Virtual Private Network (VPN) can’t prevent cookies from tracking you, but it can encrypt your connection and disguise your IP address, to mask your browsing activity, like search terms, links clicked, and websites visited, as well as your location. If you’re looking to stop cookies from storing your information, be sure to use a private browser or incognito mode, and privacy-friendly search engines like DuckDuckGo, Startpage, or Qwant. You can also manage your browser settings to delete cookies automatically after each session.
A final word
Cookies may be a necessary evil if you want to navigate the web smoothly, but you can limit how they store your data (if at all) and stop advertisers from spying on your every online move. If you’re concerned about your online privacy, speak to a cyber security expert about your options via email: enquiries@xiphcyber.com.
Posted in: Security