“ Let me have a cookie ”

If another website asks me to accept cookies i’m going to loooose it. Every website I visit I have to either ‘change preferences’ or ‘accept all’ (THINK before accepting) for a simple browse. The internet will not rest until it has information on what I did last week. But before I go off on a tangent, what are cookies? 

Cookies are small pieces of data. When we visit a website, it sends a cookie to our device that is then stored in a file inside our browser to remember who we are. Additionally, cookies help websites to keep track of our visits and activities (they stay watching us). Cookies do a lot of work in making our internet experience a little easier, but can be a hassle if they’re not managed properly.  Without cookies, online shopping would become hard work. For instance, if we added an item to our shopping cart and clicked a new link on the website, our cart would then become empty. Cookies also help us store our login and credit/debit card information. This is useful as it speeds up our shopping experience by remembering our personal details.

There are different types of cookies but let us look at the main ones:

Session cookies contain the information that you input and tracks the movement within the website. These are temporary and memorise your activity.

Tracking cookies are the type of cookies that are shared by a website. There are two types:

First-Party: This tracks your online preferences. When you personalise your cookies it will remember them for next time, things such as language, log-in details and favourite items.

Third-Party: This monitors your online behaviour and tailors advertising for you. It collects various types of data and either passes/sells it to advertisers. When you visit another site you’ll most likely see that item being advertised.

Hackers like cookies too

Websites nowadays use HTTPS* (I’ll cover this soon) as a means of securing your details. This is a protocol which encrypts the data on a web page. E-Commerce and banking sites will use this on their log-in page and throughout their website. This means that anyone who is trying to snoop will not be able to get your log-in details. I am currently learning and using a tool called Wireshark and have tested this out by collecting packets* from encrypted web pages and inspecting them. 

Cookies store confidential data and this is valuable to a hacker as it allows them to access your account without a login required. There are tools that hackers use such as Firesheep which intercepts session cookies on open wi-fi connections (coffee shops, shopping centres, hotels etc). Consider the following scenario…

You’re in a hotel lobby for an entang..nvm and you connect to the hotel wifi. You log into Twitter. Twitter will give your browser a cookie. A hacker who is also connected to the same wi-fi will use   the Firesheep tool to grab this cookie. Once this is done they can hijack your session and can log in as if they were you. We need no reminder of what can happen once someone has access to your accounts.

Best way to manage cookies

Blocking all cookies may seem like a sure way to protect our privacy but doing this may make some websites hard to navigate through. It may seem like a drag but we should always look through the cookie settings on a website rather than selecting ‘accept cookies’. We also have the option of clearing our cookies which enhances security and improves system performance. It enhances security as you prevent businesses from tracking your behaviour whilst also thwarting attempts at hackers stealing these cookies and thus causing a security breach. However, clearing cookies will delete all of our saved data, which means that you will have to sign in to all your websites again. But that’s how the cookie crumbles.

In saying all this we should evaluate if it makes sense to enable cookies. Do we want each site to remember who we are? I’m almost certain that our private browser tells a different story if you catch my drift. But anywho, follow ‘Tips with T’ my lovelies. 

Tips with T

– Clear your cookies regularly  – Do not just click ‘Accept Cookies’ on a webpage  – Change your cookie settings  – Use a virtual private network (VPN) when connected to open Wi-Fi

Love & Guidance

TT