What
are Cookies?
Cookies are small, mostly circular pieces of sweets,
that are fun to... Oops Sorry!
Cookies are small, often encrypted text files that are stored silently on a user's computer. These files are designed to carry a little amount of data specific to a particular client and website. Cookies are automatically created when a browser loads a website, allowing a server to deliver a custom made page to a particular user every time this user goes back to the same website.
Cookies Expiry Periods
The expiry time of a cookie is assigned when the cookie is originally created. Some cookies are deleted or purged when the current browser window is closed (Session cookie), but others can be made to last for a longer period of time (Persistent cookie). Yet some can last for one year or even more.
Are Cookies Secure enough?
Internet security and privacy is of huge concern. Cookies do not in themselves present a threat to privacy, since they can only be used to store information that the user has volunteered or that the web server already has. But the existence of cookies poses an inherent risk of being abused
Cookies are NOT viruses, nor are they malicious; using a plain text format, they are not compiled pieces of code so they cannot be executed nor are they self-executing. Accordingly, they cannot make copies of themselves and spread to other networks to execute and replicate again. Unable to perform these functions, they are not classified as Malware. However, breaches of browser security can allow tracking cookies to be placed. These cookies can be used to follow users from one site to another, forming comprehensive profiles. Users consider this to be a violation of privacy, and in the wrong hands this information can potentially be exploited for questionable purposes. For that reason several anti-malware products flag cookies as candidates for deletion after standard virus and/or spyware scans.
Cookies can be exploited
Several malicious activities could be associated with the existence of cookies much like: Network eavesdropping, publishing false sub-domain – DNS cache poisoning, and Cross-site scripting. (More on these attacks in later posts)
Traffic on a network can be intercepted and read by computers on the network other than the originator (Especially over unencrypted open Wi-Fi). This traffic includes cookies sent on ordinary unencrypted HTTP sessions. When network traffic is not encrypted, attackers can read the communications of other users on the network, including HTTP cookies as well as the entire contents of the conversations.
How to live with cookies
Due to the fact that many of the largest and most-targeted websites use cookies by default, cookies usage is almost inevitable. Websites like Facebook, YouTube, Gmail, and many others require the usage of cookies for best performance and presentation. Even search settings require cookies for language settings.
Here are some tips you can use to ensure worry-free cookie-based browsing:
Cookies are small, often encrypted text files that are stored silently on a user's computer. These files are designed to carry a little amount of data specific to a particular client and website. Cookies are automatically created when a browser loads a website, allowing a server to deliver a custom made page to a particular user every time this user goes back to the same website.
Cookies Expiry Periods
The expiry time of a cookie is assigned when the cookie is originally created. Some cookies are deleted or purged when the current browser window is closed (Session cookie), but others can be made to last for a longer period of time (Persistent cookie). Yet some can last for one year or even more.
Are Cookies Secure enough?
Internet security and privacy is of huge concern. Cookies do not in themselves present a threat to privacy, since they can only be used to store information that the user has volunteered or that the web server already has. But the existence of cookies poses an inherent risk of being abused
Cookies are NOT viruses, nor are they malicious; using a plain text format, they are not compiled pieces of code so they cannot be executed nor are they self-executing. Accordingly, they cannot make copies of themselves and spread to other networks to execute and replicate again. Unable to perform these functions, they are not classified as Malware. However, breaches of browser security can allow tracking cookies to be placed. These cookies can be used to follow users from one site to another, forming comprehensive profiles. Users consider this to be a violation of privacy, and in the wrong hands this information can potentially be exploited for questionable purposes. For that reason several anti-malware products flag cookies as candidates for deletion after standard virus and/or spyware scans.
Cookies can be exploited
Several malicious activities could be associated with the existence of cookies much like: Network eavesdropping, publishing false sub-domain – DNS cache poisoning, and Cross-site scripting. (More on these attacks in later posts)
Traffic on a network can be intercepted and read by computers on the network other than the originator (Especially over unencrypted open Wi-Fi). This traffic includes cookies sent on ordinary unencrypted HTTP sessions. When network traffic is not encrypted, attackers can read the communications of other users on the network, including HTTP cookies as well as the entire contents of the conversations.
How to live with cookies
Due to the fact that many of the largest and most-targeted websites use cookies by default, cookies usage is almost inevitable. Websites like Facebook, YouTube, Gmail, and many others require the usage of cookies for best performance and presentation. Even search settings require cookies for language settings.
Here are some tips you can use to ensure worry-free cookie-based browsing:
-
Most modern browsers support different levels of cookie acceptance, expiration
time and ultimately deletion. Change your browser settings “Cookie Settings” to
your preference.
-
When
sharing PC access, you should make sure to set your browser to purge browsing
data every time the browser is closed.
-
Don’t
use other's / Public wireless networks especially when communicating sensitive information
over the internet.
-
Use Https rather than Http when available.
-
Use
a capable and updated anti-malware software.
-
Routinely
back-up your computer to prevent data loss.
-
Make
sure your browser is updated: security patches are applied when you update your
browser.
No comments:
Post a Comment