لطفا منتظر باشید ...
Hack 34 Take a Bite Out of Cookies
Protect your privacy and keep your surfing
habits to yourself with proper cookie handling.
Cookies are small text files that web
sites put on your hard disk to personalize the site for you or to
track and then record your activities on the site. Cookies have
gotten a lot of pressmost of it badbut the truth is,
not all cookie use is bad. As a means of site customization,
they''re a great way of helping you get the most out
of the Web. They can also carry information about log-in names and
passwords, which is a time-saver, since you won''t
have to log into each site every time you visit. If you delete all
your cookies, you won''t automatically get your
Amazon wish list the next time you visit their site.
|
But cookies can also be used to track your online activities and
identify you. Information about you, based on what cookies gather,
can be put in a database, and profiles of you and your surfing habits
can be created.
Because cookies can be privacy-invaders, XP gives you a number of
ways to restrict how web sites place and use cookies on your PC. To
understand how to restrict the ways cookies are used on your PC, you
first need to understand three cookie-related
terms:
First-party cookie
A cookie created by the site you''re currently
visiting. These cookies are often used by sites to let you log on
automaticallywithout having to type in your username and
passwordand customize how you use the site. Typically, these
kinds of cookies are not invasive.
Third-party cookie
A cookie created by a site other than the one you''re
currently visiting. Frequently, third-party cookies are used by
advertisers or advertising networks. Some people (including me)
consider these kinds of cookies invasive.
Compact privacy statement
A publicly posted policy that describes the details of how cookies
are used on a sitefor example, detailing the purpose of
cookies, how they''re used, their source, and how
long they will stay on your PC. (Some cookies are automatically
deleted when you leave a web site, while others stay valid until a
specified date.)
To protect your privacy, you also need to know the difference between
implicit consent and explicit
consent. Explicit consent means that you have
specifically told a site that it can use personally identifiable
information about you. It''s the same as
opting in. Implicit consent
means that you haven''t specifically told
a site not to use personally identifiable information.
It''s the same as not having opted
out, or specifically requesting to be taken off a list.
Internet
Explorer lets you customize how it handles
cookies. You can choose from six levels of
privacy settings, from Accept All
Cookies to Block All Cookies. When choosing, keep in mind that some
sites won''t function well or at all at the higher
privacy settings, particularly if you choose to reject all cookies. I
generally find that Medium High is a good compromise between
protecting privacy and still being able to personalize web sites.
To customize your cookie settings in Internet Explorer, choose Tools
Internet Options Privacy. Move the slider(shown in Figure 4-3) to your desired level.
Figure 4-3. Customizing cookie settings in Internet Explorer
Table 4-1
shows how each setting affects
Internet Explorer''s cookie
handling.
Setting | How the setting affects your privacy |
|---|---|
Block All Cookies | Blocks all cookies, without exception. Does not allow web sites to read existing cookies. |
High | Blocks cookies from all web sites that don''t have a compact privacy policy. Blocks all cookies that use personally identifiable information without your explicit consent. |
Medium High | Blocks third-party cookies from sites that don''t have a compact privacy policy. Blocks third-party cookies that use personally identifiable information without your explicit consent. Blocks first-party cookies that use personally identifiable information without your implicit consent. |
Medium (Default) | Blocks third-party cookies from sites that don''t have a compact privacy policy. Blocks third-party cookies that use personally identifiable information without your implicit consent. Accepts first-party cookies that use personally identifiable information without your implicit consent, but deletes them when you close Internet Explorer. |
Low | Blocks third-party cookies from sites that don''t have a compact privacy policy. Accepts third-party cookies that use personally identifiable information without your implicit consent, but deletes them when you close Internet Explorer. |
Accept All Cookies | Accepts all cookies, without exception. Allows web sites read existing cookies. |
4.3.1 Customizing IE Cookie Handling
You''re
not
locked into IE''s
preset levels of cookie handling. If you like, you can customize how
it handles cookies so that you could, for example, accept or reject
cookies from individual sites, or accept or reject all first-party
and third-party cookies.
To accept or reject all cookies from a specific site, choose Tools
Internet Options Privacy Edit.You''ll see the Per Site Privacy Actions dialog box,
as shown in Figure 4-4. Type in the name of the
site you want to accept or block cookies from, and click on either
Block or Allow.
Figure 4-4. The Per Site Privacy Actions dialog box
To customize how you handle first-party and third-party cookies, choose
Tools
Internet Options Privacy Advanced. Check the "Override automatic cookie
handling" box, as shown in Figure 4-5. You can accept or reject all first-party or
third-party cookies, or be prompted whether to accept them. You can
also decide to always allow
"session
cookies"cookies that last only as long as
you''re on a specific web site and are deleted once
you leave the site.
Figure 4-5. The Advanced Privacy Settings dialog box
4.3.2 Export, Import, or Back Up Your Cookies
Although some cookies can be
intrusive, some can also be helpful as well. They can log you into
web sites automatically and customize the way you use and view the
site. So, when you buy a new PC, you might want to export cookies
from an older computer to it. If you have more than one PC, you might
want all of them to have the same cookies. And you might want to back
up your cookies for safe-keeping in case you accidentally delete the
wrong ones.
To export or back up cookies from IE,
choose File
Import and Export. The Import/Export Wizardwill launch. Choose Export Cookies and follow the directions. A
single text file containing all your cookies will be created in My
Documents, though you can choose a different location for them. To
import cookies, launch the
Import/Export Wizard, choose Import Cookies, and browse to the
location where the cookie file has been stored.
4.3.3 Examine and Delete Cookies Manually
You can''t
examine and delete your cookies from within Internet Explorer.
However, because XP stores each IE cookie as an individual text file,
you can read them and delete them just as you would any other text
file. Go to C:\Documents and Settings\Your Name\Cookies
in Windows Explorer, and
you''ll see a list of individual cookies in a format
like this:
your name@abcnews.com[1].txt
As a general rule, the name of the web site or ad network will be
after the @, but not alwayssometimes it
will merely be a number. Open the file as you would any other text
file (in Notepad, WordPad, or another text editor). Usually, there
will be a list of numbers and letters inside, though you might find
other useful information in therefor example, your username
and password for the web site. If you don''t want the
cookie on your hard disk, simply delete it as you would any other
text file.
Netscape
Navigator
and Mozilla handle cookies differently than Internet Explorer. They
store all cookies in a single file, cookies.txt,
typically found in C:\Documents and Settings\<Your
Name>\[Application
Data\]Mozilla\Profiles\default\********.slt, where
******** is a random collection of numbers and
letters. So, the directory might be C:\Documents and
Settings\Name\Mozilla\Profiles\default\46yhu2ir.slt. If
you''ve set up different Netscape/Mozilla profiles
(Tools
Switch Profile Manage Profiles Create Profile), cookies.txtwon''t be in the default
subfolder, but under each profile''s name. You can
open the file and see each individual cookie. You
can''t however, delete individual entries from the
file by editing this file. Instead, use Netscape''s
built-in Cookie Manager (at Tools
Cookie Manager Manage Stored Cookies) to read and delete cookies.4.3.4 Get a Third-Party Cookie Manager
The
tools built into XP for managing cookies are reasonable, but for the
most flexibility in handling cookies you should get a third-party
cookie manager. My favorite (and my editor''s
favorite) is Cookie Pal, available at http://www.kburra.com. It lets you easily
customize which sites you''ll allow to put cookies on
your PC, and it includes a cookie manager that lets you read and
delete cookies. It also lets you accept or reject cookies on a
case-by-case basis as you browse the Web. If you use browsers other
than IE, you might be out of luck, though. As of this writing, Cookie
Pal works only with Versions 3 and 4 of Netscape Navigator and
Versions 4, 5, and 6 of Opera. (Mozilla and later Netscape version
have similarly good managers built in, as mentioned earlier.)
4.3.5 Opt Out of Cookie-Based Ad Networks
Online ad networks have the
potential to create in-depth, privacy-invading profiles of your web
travels and personal interests, because they can place a single
cookie on your hard disk that will track you across multiple sites.
Normally, sites can''t share cookie information with
each other, but ad networks have found a way around this, so they can
aggregate your behavior from many web sites.
You can fight back by opting out of some of the biggest online ad
networks. You''ll have them place an opt-out cookie
on your hard disk that will tell the various sites not to track what
you''re doing; this will go a long way toward
protecting your privacy.
To opt out of the DoubleClick online
advertising network, go to http://www.doubleclick.com/us/corporate/privacy/privacy/ad-cookie/
and click on the "Ad Cookie
Opt-Out" button at the bottom of the page.
To see whether the opt-out worked, if you''re an
Internet Explorer user, go to
your cookies folder, which is typically C:\Documents and
Settings\<Your Name>\Cookies. Look for a cookie
named your name@doubleclick[1].txtfor
example, preston gralla@doubleclick[1].txt. The
contents of the cookie should look something like this:
id OPT_OUT doubleclick.net/ 1024 468938752 31583413 3447013104 29418226 *
In Netscape Navigator, your
cookies.txt file is typically found in
C:\Documents and Settings\<Your Name>\Application
Data\Mozilla\Profiles\default\********.slt, where
******** is a random collection of numbers and
letters. So, the directory might be C:\Documents and
Settings\Name\Mozilla\Profiles\default\46yhu2ir.slt. Look
in the file for an entry that looks like this:
.doubleclick.net TRUE / FALSE 1920499138 id OPT_OUT
You can instead use Netscape''s built-in Cookie
Manager to examine the cookie, by choosing Tools
CookieManager
Manage Stored Cookies.Some other advertising networks let you opt out as well. For details,
go to http://www.networkadvertising.org/optout_nonppii.asp
and follow the instructions for opting out. To verify that
you''ve successfully opted out of the other ad
networks, click on the Verify Cookies menu item on the left part of
the page.
4.3.6 See Also
[Hack #33]
[Hack #63]
