Summary
Cookies are text files stored on a personal computer by your web browser. When visiting a website, the website may want to know some information about the user so that the user can visit again (perhaps you have selected preferences or logged in to your personal account). Essentially, cookies save users the trouble of repeatedly entering information.
However, there are privacy concerns with these operations. Please read this article to learn more.
Nowadays, when browsing the web, we often encounter requestsAccept all Cookie's dialog box. Maybe you read the cookie privacy policy carefully, but most people accept it without thinking.
You may have heard that cookies are related to improving user experience. They often tailor site content to your preferences, such as storing items in an online shopping cart while you have another session open.
This article will delve into the advantages, disadvantages and dark sides of Cookies.
A cookie is a small file stored by the computer on behalf of the website. It is not a real cookie. The name was named by programmer Lou Montulli after another computing structure called magic cookie.
Why does the computer store this file? There are many reasons for this: Broadly speaking, cookies help a website server remember you. When using a website, you will perform some operations, such as switching to dark mode or logging in, and these operations will be recorded by the computer. It then re-transmits the information to the website on the next visit.
Suppose you visit everyone's favorite honey badger-themed website ilovehoneybadgers.com. It offers tons of customization options (like changing the font to Comic Sans or switching the background color). A cookie recording these preferences will be placed on your computer. Then you browse to another mammal viewing site and close your browser. After returning to ilovehoneybadgers.com again, the website will reload your personal preferences based on cookies.
This is a persistent cookie. It persists even if the browser is closed (unlike session cookies which are destroyed on exit). It is also a first-party cookie created by the website you are visiting (in this case ilovehoneybadgers.com)
As you may have guessed, the creator of a third-party cookie is not the host domain. Let's say ilovehoneybadgers.com and another site you visit are serving ads to users from the same vendor, whose code is written to pages on both domains.
When you visit any website, the provider creates third-party cookies for tracking. Then, when you use the same code to browse other sites around the web, they recognize and serve the same ads. Essentially, they build profiles for targeting by tracking users’ browsing habits.
Therefore, third-party cookies are also called tracking cookies.
➠ Want to start a digital currency journey? Welcome to buy Bitcoin on Binance!
Different cookies have different compositions. As shown in the two major examples in the previous section, cookies are a general data type. Let's look at a real-life example: If you are logged into Ask Academy, your browser will display the website's cookies. It allows you to post questions and answers without having to log in repeatedly.
In Google Chrome, you can access your cookies by going to Settings > Privacy & Security > Cookies & Other Site Data. In Firefox, cookies can be managed in Preferences > Privacy & Security > Cookies & Site Data (note: you should use the Storage Viewer to see the actual content).
If you dig into the contents of the cookie provided by Binance Academy upon login (i.e. decoded using this tool), you will see the following:
Data passed to the website when you visit it. A cookie will be created after successful login.
Not very complicated, right? There is almost no personal information here (and it is not shared with other domains). The numbers you see are timestamps, one indicating when the cookie was issued and the other indicating when the cookie expired. You'll also see the publisher, username, role (user or moderator), and authentication-related strings.
Cookies usually have this key-value system built into them. Note that many websites now provide user IDs. After an individual user visits, the server will retrieve relevant information from the database and adjust the user experience accordingly.
If the prompt to clear browsing history is enabled, you will generally see the option to clear cookies. This will not cause any significant damage to site data. However, you will note that you must re-enter all login information when you log in to a website that provides cookies again.
As shown in the above example, cookies themselves do no harm. In most cases, first-party cookies can simplify user operations, but you should be aware of the potential privacy risks of cookies. They can collect large amounts of personal data, so strict data protection regulations like the General Data Protection Regulation (GDPR) require many websites to comply with its guidelines.
For those concerned about their digital footprint, third-party cookies are a major problem. There's no doubt that online ads based on content you've read or watched can be disturbing. Have you noticed the social media "share" buttons on the website? Even without interacting with them, they can feed information about the user's activities back to the provider.
We often unknowingly expose sensitive data, which is never a good thing (see also Device Fingerprinting: How You Are Exposed). Data collectors may not engage in malicious parsing, but may sell user data to other bad actors with ulterior motives.
Disabling all types of cookies will result in a poor browsing experience. However, it is difficult to find a reason not to disable third-party cookies. Disabling reduces the risk of data exfiltration. If a website requires cookies to be enabled before you can access it, you can temporarily turn it on.
The most basic way to prevent third-party cookies is to send a Do Not Track request. This doesn't work very well because you're not using an advanced technical barrier, you're just asking the site not to personalize content. This is like begging a robber not to take your property. Websites will often ignore this request. At first, it was expected that "Do Not Track" would become a mandatory requirement, but the measure failed to gain traction.
Nowadays, many browsers block cookies by default (check your browser settings). If browser blocking fails, there are plug-ins and browser extensions (such as Privacy Badger and Ghostery) that can be used to block tracking.
We do not necessarily regard cookies as a scourge on the Internet. If you've read our other articles in the Security category, you know how easy it is for personal information to be leaked without you realizing it.
Today, first-party cookies are an integral part of the online environment and are of great significance. They store information in personal computers and optimize user experience. However, third-party cookies have nothing to do with the user's interests, but rather serve data mining entities. You can easily block most third-party cookies through a browser plug-in.