Tracking Cookies

Hello and Happy New Year,

I use IE 8 in Windows Vista Home Premium. Although I use SpywareBlaster, I
continue to have tracking cookies. I have become somewhat obsessive with
deleting these particular cookies at the end of the day. When I set IE to
delete cookies when the browser is closed, I lose all saved sign-in
identifications. Can anything else be done to prevent tracking cookies?
Also should session cookies be allowed?

Thank you.

--

It's a bad idea to obsess about anything, and cookies are no different. ;-)

A session cookie expires at the end of the current browser session
(i.e., when you close your web browser.)

Internet Explorer has had effective cookie management since IE 6. Go to
Internet Options > Privacy. If you like, by clicking on the Advanced
button you can override automatic cookie handling.

Since most of those so-called tracking cookies come from third-party
websites, you can opt to block third-party cookies and accept
first-party cookies.

If that's not enough control for you, you can find millions of cookie
management applications on the web. The problem is, one person's
tracking cookie is another's valuable cookie, so you'll have to figure
something out on your own.

Once you've got those tracking cookies under control, you can start
worrying about Flash cookies (LSO's), referrers, GUIDs, search engines....
---
Leonard Grey
Errare humanum est

Nissi1 wrote:
> Hello and Happy New Year,
>
> I use IE 8 in Windows Vista Home Premium. Although I use SpywareBlaster, I
> continue to have tracking cookies. I have become somewhat obsessive with
> deleting these particular cookies at the end of the day. When I set IE to
> delete cookies when the browser is closed, I lose all saved sign-in
> identifications. Can anything else be done to prevent tracking cookies?
> Also should session cookies be allowed?
>
> Thank you.
>

Hello Leonard,

You are absolutely correct about obsessing, although I may have overstated
the situation a "bit". Also I have used this newsgroup long enough to know
to give as much information as possible. Such as, I not only block third
party cookies but also run CCleaner twice a week as a precautions, more if I
have ventured into websites for the first time (although I also use WOT).
Of course this also deletes my saved usernames and passwords.

I have read enough about some tracking cookies to be completely confused;
along with Google Analytics, and others, are some cookies used to steal
personal information? This is my concern.

Thank you for your assistance.

--



"Leonard Grey" <> wrote in message
news:...
It's a bad idea to obsess about anything, and cookies are no different. ;-)

A session cookie expires at the end of the current browser session
(i.e., when you close your web browser.)

Internet Explorer has had effective cookie management since IE 6. Go to
Internet Options > Privacy. If you like, by clicking on the Advanced
button you can override automatic cookie handling.

Since most of those so-called tracking cookies come from third-party
websites, you can opt to block third-party cookies and accept
first-party cookies.

If that's not enough control for you, you can find millions of cookie
management applications on the web. The problem is, one person's
tracking cookie is another's valuable cookie, so you'll have to figure
something out on your own.

Once you've got those tracking cookies under control, you can start
worrying about Flash cookies (LSO's), referrers, GUIDs, search engines....
---
Leonard Grey
Errare humanum est

Nissi1 wrote:
> Hello and Happy New Year,
>
> I use IE 8 in Windows Vista Home Premium. Although I use SpywareBlaster,
> I
> continue to have tracking cookies. I have become somewhat obsessive with
> deleting these particular cookies at the end of the day. When I set IE to
> delete cookies when the browser is closed, I lose all saved sign-in
> identifications. Can anything else be done to prevent tracking cookies?
> Also should session cookies be allowed?
>
> Thank you.
>

"Nissi1" <> wrote in message
news:ujtFC$...
> Hello Leonard,
>
> You are absolutely correct about obsessing, although I may have overstated
> the situation a "bit". Also I have used this newsgroup long enough to
> know
> to give as much information as possible. Such as, I not only block third
> party cookies but also run CCleaner twice a week as a precautions, more if
> I
> have ventured into websites for the first time (although I also use WOT).
> Of course this also deletes my saved usernames and passwords.
>
> I have read enough about some tracking cookies to be completely confused;
> along with Google Analytics, and others, are some cookies used to steal
> personal information? This is my concern.

Only if you use sites that store personal information in cookies (and anyone
who writes web apps that do need to be taken out and shot!), or that set the
domain for the cookie to be too generic (IE8 is pretty good about trying to
prevent this, you can't for instance set a cookie to be for the entire .com
TLD which would cause IE to send it to every .com site), would you have any
cause to worry.

What you could do is use IE8 for the cookie cleaning, rather than CCCleaner.
There's an option in the IE8 cleanup settings to not clear cookies for sites
in your Favorites, so for any sites where you want sign-in information
retained (and it's cookie based sign-in as opposed to the IE form field data
storage) just add them to your Favorites and their cookies should be left
alone while all the others are removed.

I've been writing web apps since 1994, and have been heavily involved in
e-commerce security and company network security over the past 10 years -
cookies should be the least of your worries, even the tracking ones (they're
generally harmless, and at worst tend to be used to deliver adverts related
to the sites you visit rather than just the content of the page you are
currently looking at).

Dan

> Thank you for your assistance.
>
> --
>
>
>
> "Leonard Grey" <> wrote in message
> news:...
> It's a bad idea to obsess about anything, and cookies are no different.
> ;-)
>
> A session cookie expires at the end of the current browser session
> (i.e., when you close your web browser.)
>
> Internet Explorer has had effective cookie management since IE 6. Go to
> Internet Options > Privacy. If you like, by clicking on the Advanced
> button you can override automatic cookie handling.
>
> Since most of those so-called tracking cookies come from third-party
> websites, you can opt to block third-party cookies and accept
> first-party cookies.
>
> If that's not enough control for you, you can find millions of cookie
> management applications on the web. The problem is, one person's
> tracking cookie is another's valuable cookie, so you'll have to figure
> something out on your own.
>
> Once you've got those tracking cookies under control, you can start
> worrying about Flash cookies (LSO's), referrers, GUIDs, search engines....
> ---
> Leonard Grey
> Errare humanum est
>
> Nissi1 wrote:
>> Hello and Happy New Year,
>>
>> I use IE 8 in Windows Vista Home Premium. Although I use SpywareBlaster,
>> I
>> continue to have tracking cookies. I have become somewhat obsessive with
>> deleting these particular cookies at the end of the day. When I set IE
>> to
>> delete cookies when the browser is closed, I lose all saved sign-in
>> identifications. Can anything else be done to prevent tracking cookies?
>> Also should session cookies be allowed?
>>
>> Thank you.
>>

If your concern is whether tracking cookies can steal your personal
information, and if 'personal information' means such things as your
SSN, credit card number, etc., let me allay your fears.

Detailed information on cookies is beyond the scope of a news post (try
the web) but here are some salient points:

No reputable organization stores your personal information in a cookie.
Reputable organizations store your personal information in encrypted
servers with lots of safeguards. (Besides, who would /want/ to store
your credit card number in a cookie, knowing people can and do erase
cookies?)

A cookie can log you into a website, so you don't have to enter a user
name and password. However, reputable organizations encrypt your
password in the cookie.

They're called 'tracking cookies' because, when aggregated, they paint a
picture of what kind of websites you like to visit. For example, if your
cookies reveal that you've been visiting a lot of car dealerships
lately, that information would be of interest to your local dealer.

There's no way to make sure a tracking cookie is never written to your
hard disk, because /every/ cookie can be used to track the websites you
visit.

If you want to reduce the number of cookies placed by organizations
whose major or sole purpose is to track your activity on the web, only
accept first party cookies and block all advertising. If you do this,
some websites won't work properly or at all, but that's the trade-off
you're making.
---
Leonard Grey
Errare humanum est

Nissi1 wrote:
> Hello Leonard,
>
> You are absolutely correct about obsessing, although I may have overstated
> the situation a "bit". Also I have used this newsgroup long enough to know
> to give as much information as possible. Such as, I not only block third
> party cookies but also run CCleaner twice a week as a precautions, more if I
> have ventured into websites for the first time (although I also use WOT).
> Of course this also deletes my saved usernames and passwords.
>
> I have read enough about some tracking cookies to be completely confused;
> along with Google Analytics, and others, are some cookies used to steal
> personal information? This is my concern.
>
> Thank you for your assistance.
>

Thank you Dan and you again Leonard,

The information you have both provided is extremely helpful and has put to
rest my confusion about tracking cookies. I wish I had asked these
questions some time ago, it would have prevented quite a few anxious
moments. I have tried ad blocking programs, but as stated some websites
either did not work well or not at all. Some of the programs also caused my
browser to act buggy. Silly rabbit.

Regards,

Nissi1

--



"Leonard Grey" <> wrote in message
news:#...
If your concern is whether tracking cookies can steal your personal
information, and if 'personal information' means such things as your
SSN, credit card number, etc., let me allay your fears.

Detailed information on cookies is beyond the scope of a news post (try
the web) but here are some salient points:

No reputable organization stores your personal information in a cookie.
Reputable organizations store your personal information in encrypted
servers with lots of safeguards. (Besides, who would /want/ to store
your credit card number in a cookie, knowing people can and do erase
cookies?)

A cookie can log you into a website, so you don't have to enter a user
name and password. However, reputable organizations encrypt your
password in the cookie.

They're called 'tracking cookies' because, when aggregated, they paint a
picture of what kind of websites you like to visit. For example, if your
cookies reveal that you've been visiting a lot of car dealerships
lately, that information would be of interest to your local dealer.

There's no way to make sure a tracking cookie is never written to your
hard disk, because /every/ cookie can be used to track the websites you
visit.

If you want to reduce the number of cookies placed by organizations
whose major or sole purpose is to track your activity on the web, only
accept first party cookies and block all advertising. If you do this,
some websites won't work properly or at all, but that's the trade-off
you're making.
---
Leonard Grey
Errare humanum est

Nissi1 wrote:
> Hello Leonard,
>
> You are absolutely correct about obsessing, although I may have overstated
> the situation a "bit". Also I have used this newsgroup long enough to
> know
> to give as much information as possible. Such as, I not only block third
> party cookies but also run CCleaner twice a week as a precautions, more if
> I
> have ventured into websites for the first time (although I also use WOT).
> Of course this also deletes my saved usernames and passwords.
>
> I have read enough about some tracking cookies to be completely confused;
> along with Google Analytics, and others, are some cookies used to steal
> personal information? This is my concern.
>
> Thank you for your assistance.
>

tracking cookies is for LOGGING In to a website
No tracking cookies No LOG IN <<LOL>>>

"Nissi1" <> wrote in message
news:...
> Thank you Dan and you again Leonard,
>
> The information you have both provided is extremely helpful and has put to
> rest my confusion about tracking cookies. I wish I had asked these
> questions some time ago, it would have prevented quite a few anxious
> moments. I have tried ad blocking programs, but as stated some websites
> either did not work well or not at all. Some of the programs also caused
> my
> browser to act buggy. Silly rabbit.
>
> Regards,
>
> Nissi1
>
> --
>
>
>
> "Leonard Grey" <> wrote in message
> news:#...
> If your concern is whether tracking cookies can steal your personal
> information, and if 'personal information' means such things as your
> SSN, credit card number, etc., let me allay your fears.
>
> Detailed information on cookies is beyond the scope of a news post (try
> the web) but here are some salient points:
>
> No reputable organization stores your personal information in a cookie.
> Reputable organizations store your personal information in encrypted
> servers with lots of safeguards. (Besides, who would /want/ to store
> your credit card number in a cookie, knowing people can and do erase
> cookies?)
>
> A cookie can log you into a website, so you don't have to enter a user
> name and password. However, reputable organizations encrypt your
> password in the cookie.
>
> They're called 'tracking cookies' because, when aggregated, they paint a
> picture of what kind of websites you like to visit. For example, if your
> cookies reveal that you've been visiting a lot of car dealerships
> lately, that information would be of interest to your local dealer.
>
> There's no way to make sure a tracking cookie is never written to your
> hard disk, because /every/ cookie can be used to track the websites you
> visit.
>
> If you want to reduce the number of cookies placed by organizations
> whose major or sole purpose is to track your activity on the web, only
> accept first party cookies and block all advertising. If you do this,
> some websites won't work properly or at all, but that's the trade-off
> you're making.
> ---
> Leonard Grey
> Errare humanum est
>
> Nissi1 wrote:
>> Hello Leonard,
>>
>> You are absolutely correct about obsessing, although I may have
>> overstated
>> the situation a "bit". Also I have used this newsgroup long enough to
>> know
>> to give as much information as possible. Such as, I not only block third
>> party cookies but also run CCleaner twice a week as a precautions, more
>> if
>> I
>> have ventured into websites for the first time (although I also use WOT).
>> Of course this also deletes my saved usernames and passwords.
>>
>> I have read enough about some tracking cookies to be completely confused;
>> along with Google Analytics, and others, are some cookies used to steal
>> personal information? This is my concern.
>>
>> Thank you for your assistance.
>>

"Hot-text" <hot-> wrote in message
news:0BE2A718-EFA2-4D71-ABCB-...
> tracking cookies is for LOGGING In to a website
> No tracking cookies No LOG IN <<LOL>>>

Tracking cookies are used by advertisers to track visits to sites, such as
Google Analytics. That's why they're called Tracking cookies, because they
track you from site to site.

I've never seen anyone refer to a "personalisation" cookie (as it's storing
a personal setting) as a tracking cookie before ...

Dan

> "Nissi1" <> wrote in message
> news:...
>> Thank you Dan and you again Leonard,
>>
>> The information you have both provided is extremely helpful and has put
>> to
>> rest my confusion about tracking cookies. I wish I had asked these
>> questions some time ago, it would have prevented quite a few anxious
>> moments. I have tried ad blocking programs, but as stated some websites
>> either did not work well or not at all. Some of the programs also caused
>> my
>> browser to act buggy. Silly rabbit.
>>
>> Regards,
>>
>> Nissi1
>>
>> --
>>
>>
>>
>> "Leonard Grey" <> wrote in message
>> news:#...
>> If your concern is whether tracking cookies can steal your personal
>> information, and if 'personal information' means such things as your
>> SSN, credit card number, etc., let me allay your fears.
>>
>> Detailed information on cookies is beyond the scope of a news post (try
>> the web) but here are some salient points:
>>
>> No reputable organization stores your personal information in a cookie.
>> Reputable organizations store your personal information in encrypted
>> servers with lots of safeguards. (Besides, who would /want/ to store
>> your credit card number in a cookie, knowing people can and do erase
>> cookies?)
>>
>> A cookie can log you into a website, so you don't have to enter a user
>> name and password. However, reputable organizations encrypt your
>> password in the cookie.
>>
>> They're called 'tracking cookies' because, when aggregated, they paint a
>> picture of what kind of websites you like to visit. For example, if your
>> cookies reveal that you've been visiting a lot of car dealerships
>> lately, that information would be of interest to your local dealer.
>>
>> There's no way to make sure a tracking cookie is never written to your
>> hard disk, because /every/ cookie can be used to track the websites you
>> visit.
>>
>> If you want to reduce the number of cookies placed by organizations
>> whose major or sole purpose is to track your activity on the web, only
>> accept first party cookies and block all advertising. If you do this,
>> some websites won't work properly or at all, but that's the trade-off
>> you're making.
>> ---
>> Leonard Grey
>> Errare humanum est
>>
>> Nissi1 wrote:
>>> Hello Leonard,
>>>
>>> You are absolutely correct about obsessing, although I may have
>>> overstated
>>> the situation a "bit". Also I have used this newsgroup long enough to
>>> know
>>> to give as much information as possible. Such as, I not only block
>>> third
>>> party cookies but also run CCleaner twice a week as a precautions, more
>>> if
>>> I
>>> have ventured into websites for the first time (although I also use
>>> WOT).
>>> Of course this also deletes my saved usernames and passwords.
>>>
>>> I have read enough about some tracking cookies to be completely
>>> confused;
>>> along with Google Analytics, and others, are some cookies used to steal
>>> personal information? This is my concern.
>>>
>>> Thank you for your assistance.
>>>

"Leonard Grey" <> wrote in message
news:#...

> A cookie can log you into a website, so you don't have to enter a user
> name and password. However, reputable organizations encrypt your password
> in the cookie.

I'd go as far to say that reputable organisations don't store even an
encrypted password in a cookie - I wouldn't personally do that in any of my
applications. What I have seen in many applications (such as phpBB, and a
few other open source forum systems) that works well is to have a user id
and a session id, and have a server-side database that maps those 2 together
along with other details that help to determine if the cookie has been
hijacked or not (such as IP address, browser user agent, etc). That way the
password is never encrypted on the browser machine, so cannot be reversed to
gain access to the login details, and copying the cookie to a different PC
results in the user having to log in again (so mitigating man in the middle
hijacking of the cookie to gain access to personal details).

> There's no way to make sure a tracking cookie is never written to your
> hard disk, because /every/ cookie can be used to track the websites you
> visit.

IE8's In Private mode only retains cookie data in memory, and never writes
to the hard disk. I've just checked this by visiting a site I've written
that writes a session cookie - the stored cookie file in the TIF doesn't
contain this session cookie (it does still contain the data from cookies
written there in normal browsing sessions), but when the server displays the
cookie data sent it's showing the new value set in the current session.

> If you want to reduce the number of cookies placed by organizations whose
> major or sole purpose is to track your activity on the web, only accept
> first party cookies and block all advertising. If you do this, some
> websites won't work properly or at all, but that's the trade-off you're
> making.

This is good advice. It won't stop tracking systems like Google Analytics,
affiliate systems like TradeDoubler, or other similar systems that use a
combination of a 1st party cookie for the site, and a script that is loaded
to send that cookie data back to the central data collecting servers, but in
general will keep off most of the junk advertising tracking cookies.

Dan

> ---
> Leonard Grey
> Errare humanum est
>
> Nissi1 wrote:
>> Hello Leonard,
>>
>> You are absolutely correct about obsessing, although I may have
>> overstated the situation a "bit". Also I have used this newsgroup long
>> enough to know to give as much information as possible. Such as, I not
>> only block third party cookies but also run CCleaner twice a week as a
>> precautions, more if I have ventured into websites for the first time
>> (although I also use WOT). Of course this also deletes my saved usernames
>> and passwords.
>>
>> I have read enough about some tracking cookies to be completely confused;
>> along with Google Analytics, and others, are some cookies used to steal
>> personal information? This is my concern.
>>
>> Thank you for your assistance.
>>