I use an anti-spyware program and on my weekly scans it shows me all the suspect cookies I have collected and asks me how I want
to treat them (delete, quarantine, etc.). Most of these cookies are unrecognizable as to what sites they are from. Where can I get
more information on cookies to know whether or not I want to keep them?
Cookies aren’t nearly as dangerous as some folks think. In my opinion many anti-spyware programs make much too big a deal about
cookies in general.
That being said, let’s look at cookies using your browser instead of your anti-spyware tool (since I don’t know exactly what
information it’s showing), and then I’ll make a few recommendations.
Become a Patron of Ask Leo! and go ad-free!
In Internet Explorer 7:
|
That should have you looking at your Temporary Internet Files, similar to this:
What you’re looking at is the cache of files that Internet Explorer has downloaded as part of the surfing you’ve done. IE tries
to download files only once so that if you revisit that page, or visit a page that uses the same image, it’s already on your
machine, in the cache known as “Temporary Internet Files”.
Much like what we’re looking at here, many of the items will be unclear and confusing. At a minimum you can see in the “Internet
Address” column what site URL the item pertains to.
Internet Explorer keeps cookies in the same cache.
Click on the Internet Address column header to sort by that value. Now, if you need to, scroll down until you
see “Internet Addresses” that begin with Cookie:
As you can see, the cookies are also identified by the URL with which they are associated.
related.”
So, what about URLs you don’t recognize?
You can certainly go to the “http:” version of the URL. For example you’ll see in the example above a cookie
“Cookie:leon@ads.sun.com” – a visit to http://ads.sun.com quickly identifies is as an ad server owned by the Sun corporation. (I
know, the “ads.” plus “sun.com” as the domain was probably enough to make the same determination.)
Another approach is to look up the “whois” information for the domain. The cookie “Cookie:leon@2o7.net”, besides being a strange
name, doesn’t actually work when you visit http://2o7.net. A quick visit to http://betterwhois.com shows that 2o7.net is owned by a
company called Omniture – and a visit to omniture.com shows it to be an internet marketing company.
You can repeat that process for any or all of the cookies that you don’t recognize. In the end I think you’ll give up and get
tired as one thing becomes painfully clear: most of the cookies you don’t recognize are simply advertising related.
Advertisers use what we’ve come to call “tracking cookies”, and as I’ve said in a previous article:
Tracking cookies generate a tremendous volume of information that is processed in aggregate … meaning that advertisers using
them can determine things like “this many people who visit site A also go to site B, so we should beef up our advertising purchase
for site B.” They’re not saying “Oh, look, Leo just visited site A again. And there he goes to site B.”. You and I as individuals
just aren’t that interesting. Analyzed as a group, however, the information can provide interesting trends and information.
So… what should you do?
Well, there’s certainly no harm in deleting all cookies every so often. At worst you’ll find you have to login to some
sites where your password had been previously remembered.
If you’re particularly concerned about tracking, you might consider configuring your browser to disable what are called “third
party” cookies. That means when you (the first party) visit a web site like ask-leo.com (the second party) ads shown on that site
which come from some other URL like ads.google.com (the third party) are not allowed to leave cookies. Personally, I’m not
concerned about this type of tracking, so I leave them enabled.
And, ultimately, I actually see very little risk by doing absolutely nothing. Cookies don’t present a true security
risk – you can’t, for example, catch a virus from a cookie. At worst cookies present a privacy risk, but as I stated
above, most of us just aren’t that interesting to be individually targeted.
I say let the cookies fall where they may.
I don’t like the idea of data being collected over time about me. In an attempt to disrupt it I have Firefox delete all cookies at exit. That causes a few problems in itself as I lose some site configuration data that I have to reenter later.
Privacy is meaningless if you don’t try to protect it. The act of trying to protect your privacy is important even if it isn’t completely effective because it is showing that you care about privacy.
I’m just a little surprised you wouldn’t at least mention how to do it in Firefox; yes, the procedure is similar, but why not take a few lines to show where to access them? Obviously you can’t cover how to do it for every browser, but considering Firefox’s large share in the “internet browser pie chart”, I think it is justified. Thanks for the great article though. :-)
I used to disable third party cookies, but then I found that sites like Vanguard use them for setting up security, so I now accept all cookies. Once in a while I’ll go through and delete the cookies I know are used only for tracking (like doubleclick), just to reduce the tracking, even though it is probably a waste of time.
I must have some kind of fault on my machine. When I click on ‘view files’ I do not get what you see above. I get the same viewer as when I click on ‘my computer’ with the side menu. Importantly there are no headings showing and therefore I cannot sort the files. Any ideas?
Leo,
A neat tool to see where cookies came from is Karen Kenworthy’s “Karen’s Cookie Viewer”. It is free at http://www.karenware.com . It shows what cookies you have, who created them, and when they were created. It allows you to delete the cookies you do not want.
A great tool for managing your cookies.
I faced the same problem about two month ago and have a solution.
I add websites and keywords in exclude list of my security software (History Killer Pro) and then let the program delete all other cookies. I guess it is the easiest way to get rid of undesired cookies and keep the ones you need.