Have you ever wondered when you revisit a website and your username already appears on a login page? Or how about searching for used cars, and then noticing a plethora of used car ads appearing while browning? It seems as though the Internet is keeping track of the things you do online.
Well, in a way, it does. One of the means by which this is accomplished is through the use of Internet Cookies. These are small files that personalize our browsing experience, but, the question arises, should we accept cookies or not?
In this article, I’ll explain what cookies are, how they work, and should we have any security concerns. I’ll also show you how to manage cookies by enabling or disabling cookies on popular browsers like Google Chrome and Microsoft Edge, and others, and on iOS and Android devices. So let’s get to it.
I’m sure you’ve heard the term, browser cookies, or Internet cookies, or have seen websites with pop-up windows indicating that the site uses cookies, and asking whether you want to accept cookies or not. But what exactly is a cookie? Very simply, it’s just a piece of computer code that a website places in your browser when you visit a website.
Cookies are able to gather information as you peruse the Internet, and in this way, they can personalize your browsing experience and make surfing a lot easier. On the other hand, many have expressed concerns about privacy and how much information do websites collect from you via cookies.
Cookies on websites are means by which a web server or website can leave a trace on your computer or other device. The website can store small pieces of information in your browser, and then the next time you visit the website, the cookies are sent back to the web server where it is updated and sent back to your browser.
Using cookies, a website can collect information about a user’s behavior on the website, such as the web pages that the user visits. A website can set cookies and then utilize them to fine-tune its web pages to attract visitors and advertisers. Cookies are used by many e-commerce companies, like Amazon, to construct a form of online shopping cart that enables customers to visit the website many times before eventually completing the checkout process.
How do Cookies work?
Let’s dive a little deeper into how cookies work, don’t worry it’s not going to be too complicated.
1. Accessing the Website
When you visit a website, the web server (that’s just a fancy name for the computer running the website) may want to get some information from you.
2. Creating the Cookie
The server then creates a record, which is a small file that contains the information. It then assigns it a unique ID and sends it to your web browser.
3. Storing the Cookie
When the cookie is sent back to your browser, it’s stored on your device, and there is usually a particular folder where cookies are stored. The information sent by the web server via the cookie may include things like login credentials, items in your shopping cart, or your browsing preferences.
From now on, each time you visit the web page again, your browser will look for cookies associated with it and return them with the request. After receiving the cookie and reading the ID, the website server gets the related information.
Are Cookies Safe?
Are cookies a threat to online safety? Can cookies steal my information? Should I accept cookies or not? These questions reflect some concerns regarding cookies. Generally, cookies are considered safe, as it’s not possible for cookies to compromise your system’s security. Although they may look like executable code, cookies are actually only tiny files. Cookie storage does not in and of itself reveal any information to the server, rather, it is the server that requests cookie storage from your browser.
Cookies are usually stored on a file or folder on your computer or other device. The cookies for one website are not available to other websites, and a website cannot use cookies to access information stored on a user’s computer. As mentioned before, a cookie is not a piece of executable code, so it cannot scan a user’s hard drive for sensitive information and relay it back to the web server.
According to the U.S. Department of Energy’s Computer Incident Advisory Capability, now called the U.S. Department of Energy Cyber Incident Response Capability (DOE-CIRC) “The popular concepts and rumors about what a cookie can do have reached almost mythical proportions” Upon further analysis, they concluded, “The vulnerability of systems to damage or snooping by using Web browsing cookies is essentially nonexistent”.
Cookie Types
Below I’ll descibe the major types of cookies being used, and which ones you should accept.
Session Cookies
These cookies are only kept in the user’s browser memory for a short time while they visit the page. The user’s session cookies are erased when the computer is closed. Close your eyes and accept the cookies.
Persistent Cookies
Persistent cookies, on the other hand, stay on the user’s computer even after the browser is stopped. They have an end date and are valid until that date, unless they are deleted.
Persistent Cookies can pose risks to privacy and security. On deciding whether to accept, consider the trustworthiness of the site, and review the cookie policy. If you are concerned about privacy, you can adjust your browser setting to block persistent cookies.
Secure Cookies
Secure cookies are only sent over HTTPS links. This adds an extra layer of security by encrypting the data being sent between your browser and the website. Go ahead and accept.
HttpOnly Cookies
The purpose of HttpOnly cookies is to prevent client-side scripts, such as JavaScript, from accessing them. This helps prevent some kinds of attacks, including cross-site scripting (XSS). Just a side note, a script is a list of orders written in a programming language that can be run on a computer to make tasks run automatically or reach certain goals. Go ahead and accept.
Third-Party Cookies
These cookies were placed by websites other than the one the user is presently on. They are often employed across several websites for tracking and advertising purposes. Third-party cookies can compromise your privacy by allowing these websites to create detailed profiles of your online activities.
Unless you’re using features like embedded videos, social media buttons, or interactive maps on websites, do not accept third party cookies.
Authentication Cookies
These cookies help websites recognize who has logged in, so users may access material that is restricted or carry out authorized tasks without having to input their login information again. When implemented and managed correctly, authentication cookies are generally safe.
Tracking Cookies
With tracking cookies, advertisers are able to provide users with customized advertisements based on their interests and browsing history across a variety of websites. These can raise privacy concerns, as these websites can create profiles of users based on their online activity.
Also, if a website’s cookie handing mechanism is compromised, the attacker can steal or manipulate cookies to impersonate a legitimate user or gain unauthorized access. Most modern browsers give you the ability to remove tracking cookies fairly easily.
Analytics Cookies
By using these cookies, websites may gather data on how visitors use it, including the pages they visit most frequently and the amount of time they spend on each one. The user experience and functionality of the website are then enhanced using this data. Google Analytics is an example of a platform that uses analytical cookies. If you choose to accept analytical cookies, ensure if is from a safe and reputable website.
Staying Safe with Cookies
1. Be aware of what Cookies are Being Placed on your Computer
The majority of online browsers enable you to view the cookies that are saved and remove them at your discretion.
2. Regularly Clear your Cookies
This will assist in reducing the quantity of personal data that websites are able to collect about you.
3. Choose the Websites you visit with Caution
Do not enter personal information on websites that you don’t trust.
4. Select a Web Browser with Robust Security Settings
By doing this, you’ll be more shielded from security risks and cookie theft.
How to Disable Cookies
I’m always being asked questions like; should I enable cookies on chrome (or other browsers?), Or how to delete cookies on iPhone? Below, I’ll show step by step bow to manage cookies on some of the major browsers for both laptops and mobile devices.
To clear cookies for the current website you’re visiting, click the lockicon at the left of the web address bar, then go to Clear cookies and site data.
To clear cookies for a particular website, click the menu icon. Select Privacy & Security and go to Cookies and site data. Click Manage Data, and a window will appear from which you can select which websites you want to remove cookies, then click Save Changes.
To clear all cookies, click the icon > Settings>Security and Privacy, then go to Cookies and site data. Then click Clear Data >Clear.
To change which cookies and website data you accept, select Cookies and website data, then select one of the following; Always block, Allow from current website only, or Allow from websites I visit.
To remove stored cookies and data, click Remove All Website Data, or click Details, select one or more websites, then click Remove.
Click theicon, then go to Settings>Privacy & security.
Select Clear browsing data>Clear data.
If you wish to block third-party cookies, click on Third-party cookies, then you have the choice of either selecting; Block third-party cookies in Incognito mode, or Block third-party cookies.
Browsers on Mobile Devices
Android
Launch Chrome from your Android device.
At the top right, tap the Moreicon, then go to Settings.
Tap Site settings, then go to Third-party cookies.
You will be shown 3 options, Allow third-party cookies. Block third-party cookies in Incognito, and Block third-party cookies.
To delete all cookies, tap the Moreicon > Settings, then tap Privacy and security> Third-party cookies, then tap See all site data and permissions > Delete all data, then tap Delete.
iOS
Launch Safari from your iOS device.
To delete, history, cache, and cookies, go to Settings>Safari. Next, tap Clear History and Website Data.
To block cookies, go to Settings > Safari > Advanced, then turn on Block all cookies.
Conclusion
To answer the question regarding if cookies are safe, I would say that they are inherently safe, however, cookies are something of a double-edged sword. On the one hand, they can improve your surfing experience by remembering your preferences and login information, but on the other, they raise privacy issues by tracking your activities across other websites.
Understanding how cookies operate, and the many types, will enable you to make educated decisions regarding whether to accept them or not, and how to control them on your devices.
Fortunately, most browsers have settings for controlling cookies, allowing you to strike a compromise between convenience and privacy. So, the next time you encounter a cookie notification, you’ll know what to do to make your browsing experience better and safer.
