Clearing Cookies and Privacy Concerns

Hey, I found a web site that’s giving out free cookies!

Response: Great, I’ll bring the milk!

Cookies also known as a web cookie, browser cookie, and HTTP cookie, are a technology that allows website to store on user’s computer by their web browser different settings and information about users.

Using latest security technology such as VPN, proxies and other anonymity tools will not prevent website from recognize your computer.  Most modern browsers allow users to decide whether to accept cookies or not but rejecting cookies makes some websites unusable. So the main question whether you will accept a website to track your online activities or not.

Some cookies are stored on text files on your hard drive but these files do not include sensitive information and others that stay in memory and these may include sensitive information like your logins and passwords.

Now if you are going to check your account web server sends a request to see if you have been properly authenticated if you have the correct login and password you will be directly authorized or you will find your login already into the website. Most online banking software also periodically requests your cookie, to ensure that there is no man-in-the-middle attacks are going on and that someone else has not hijacked the session.

To identify a computer cookies works as follows, For example, to access the page http://www.example.org/index.html, browsers connect to the server www.example.org sending it a request that looks like the following one:

GET /index.html HTTP/1.1
Host: www.example.org
browser ——-→ server

The server replies by sending the requested page preceded by a similar packet of text, called ‘HTTP response’. This packet may contain lines requesting the browser to store cookies:

HTTP/1.1 200 OK
Content-type: text/html
Set-Cookie: name=value
Set-Cookie: name2=value2; Expires=Wed, 09 Jun 2021 10:18:14 GMT

(content of page)

browser ←——- server

The server sends lines of Set-Cookie only if the server wishes the browser to store cookies. Set-Cookie is a directive for the browser to store the cookie and send it back in future requests to the server (subject to expiration time or other cookie attributes), if the browser supports cookies and cookies are enabled. For example, the browser requests the page http://www.example.org/spec.html by sending the server www.example.org a request like the following:

GET /spec.html HTTP/1.1
Host: www.example.org
Cookie: name=value; name2=value2
Accept: */*
browser ——-→ server

 

This is a request for another page from the same server, and differs from the first one above because it contains the string that the server has previously sent to the browser. This way, the server knows that this request is related to the previous one. The server answers by sending the requested page, possibly adding other cookies as well.

Now Flash Local Shared Objects are the most attractive choice to web developers if they are looking to have your cookies. If you are looking to check or delete the created cookies you can use FlashCookiesView which is a simple utility enables you to view or delete all the cookies that were created by Flash components.

If you are using SSL connection you will notice that after a while you need to re-authenticate yourself to continue using the web resource and this is due to timestamps into the cookies. Here it is important to note that there is no direct solution for cookies as if you will delete them after that you will visit other web resources and scripts will automatically restore cookies value.

But you can always select Private Browsing, although this provides a high level of protection against different types of cookie abuse, it also reduces their functionality on the Internet.

 

make sure you subscribe to my RSS feed!

Share
  • Pingback: SecureTechnology()

  • Pingback: Mourad ben lakhoua()

  • Pingback: ArabSec()

  • Pingback: Mourad Ben Lakhoua()

  • Pingback: Seeb()

  • Pingback: SecureArabia()

  • Pingback: SecureTechnology()

  • Pingback: Wiredsec()

  • Pingback: Igor()

  • Pingback: Igor()

  • Pingback: Igor()

  • Pingback: Igor()

  • Pingback: ArabSec()

  • Pingback: Win Security()

  • Pingback: PhysicalDrive0()

  • Pingback: Chad Choron()

  • Pingback: Howard Fuhs()

  • Pingback: MSK Security()

  • Pingback: Mourad Ben Lakhoua()

  • Pingback: ArabSec()

  • Pingback: Lee()

  • Pingback: Confidential Source()

  • Pingback: interactive22()

  • Pingback: BugHunter()

  • Pingback: adtech.feed()

  • Pingback: Tony Doyle()

  • Pingback: John Taylor()