Cookies: Should I worry about them?

Credit to Author: Pieter Arntz| Date: Mon, 15 Jan 2018 18:16:18 +0000

Starting off the new year, many of us are worried about cookies—how many we ate over the holidays and how we’re going to avoid them in the break room, for example. With so much cybercrime and data theft swirling around like daily bomb cyclones, there’s more than a few folks worried about the kinds of cookies they encounter on the Internet.

But should they be?

Cookies are typically text files that can provide information about your browsing behavior to websites that you visit. On the one hand, cookies are useful for making your Internet experience more efficient. It’s how you automatically get logged in on sites you’ve already visited, even if you closed the browser tab, for example. But on the other hand, cookies are part of the advertising ecosystem that knows which advertisements are most likely to draw your attention—and they serve them up to you wherever you visit.

Why doesn’t Malwarebytes detect cookies?

Cookies in themselves are harmless. They are just data stored by a website in your browser, and they are not malware. It is what sites do with them that determines whether we like them or not. Some cookies are essential to use a site properly, and others might be considered a privacy risk. Since the possible preferences are various and personal, we believe in leaving the choice up to our customers. Of course, we can and do block sites that we know to plant overly intrusive cookies on a user’s machine. But otherwise, we leave it up to you.

How do I delete and control cookies?

At some point, you may want to remove the cookies from your browser. Below, you will see how to do that for a couple popular browsers. But before you get rid of all of them, let me warn you that you may regret doing so. Your favorite sites will forget who you are, and you will have to log in where you normally were automatically accepted.

Windows

Edge

Unfortunately, Edge (like Internet Explorer) does not have a built-in cookie management tool for specific cookies. It does have a delete all or nothing option, which you can find under Settings. Under Clear Browsing Data click Choose  > Cookies and saved website data. The control is also not very granular. You can find it under Settings > Advanced settings > View advanced settings. You will find three options: block, don’t block, or block only third-party cookies.

edge options

Internet Explorer

To clear cookies in Internet Explorer, select Tools > Internet options > General tab. Under Browsing history, hit Delete and put a checkmark in the Cookies box. Think once more, because this is an all or nothing method, before you hit Delete. For a more detailed description, check out Microsoft’s support article on How to delete cookie files in Internet Explorer.

Chrome

Go to Menu > Settings > Show advanced settings. Under Privacy, click Content settings > Cookies. Click “All cookies and site data” to get an overview. Here you do have a choice on what to delete. You can delete individual cookies separately or all of them in one sweep. For a more detailed description, see Google’s support article: Manage your cookies and site data.

Firefox

Click on the Firefox button > Options > Privacy > Show Cookies. Here you will see options to Delete all cookies or search for specific ones you want to delete. For a more detailed description, take a look at Firefox’s article: Delete cookies to remove the information websites have stored on your computer.

Opera

Click the Opera button > Settings > Delete Private Data > Detailed options > Manage cookies. Here you will see an overview of the stored cookies and an option to delete them separately. For more information, see Opera’s help article: Manage Cookies.

In the links I have provided for Chrome, Firefox, and Opera, you will also find information on how to control which cookies get stored on your computer. Internet Explorer has the controls on the Privacy tab under Tools > Internet options.

macOS

Malwarebytes for Mac does not detect or remove cookies either. Like we said before, cookies are just data stored by a website, and not malware. At worst, they can pose a threat to your privacy, in the case of tracking cookies. Further, many cookies are not only legitimate, but also required for normal operation of some websites.

If you feel it necessary to delete cookies from your computer, some of them may be difficult to get rid of. You can use the following techniques to delete these cookies, but you should be aware that they will come right back as soon as you visit a site that sets those cookies.

Safari

Safari offers the option to clear all your cookies along with your browsing history. To use this option choose History > Clear History. Click the pop-up menu, and then choose how far back you want your browsing history cleared. Or you can choose to delete only cookies and website data by clicking Preferences > Privacy > Manage Website Data. Select one or more websites, then click Remove or Remove All. For more information, see Safari’s support articles: Manage cookies and website data and Safari help.

Under Privacy, you can also find the settings to control which cookies will be allowed moving forward by choosing “Change which cookies and website data are accepted.”

Adobe Flash Player

When you visit some sites with Adobe Flash Player installed and activated, the software also stores cookie data on your system. The easiest way to control these is to visit the Flash Player Help site and use the Website Storage Settings panel displayed there to delete those that you no longer want. Read the information below the panel to make sure you understand what your options are and how to use them.

adobe panel

Silverlight

Browser plug-in Silverlight can also store cross-browser information in the application cache. To delete the Silverlight Cache, follow this procedure:

  • Close all Microsoft browser windows (Internet Explorer and Edge).
  • Click Start > All Programs > Microsoft Silverlight.
  • Choose the Application Storage tab.
  • Click Delete all.
  • Click “Yes” in the “Delete application storage for all Web sites?” dialog.
  • Click OK.

Evercookies

Evercookies are not just text files. They are Javascript routines that recreate cookies even after they have been removed. Evercookies often rely on the two major streaming video browser plug-ins: Microsoft Silverlight and Adobe Flash. These plug-ins allow their own caching and storage, which can be used across sessions and even across browsers. But they can be hidden in other caches as well. By storing the same data in several locations that a client can access, the data can be recovered and then reset and reused if any of it is ever lost (for example, by clearing cookies).

To actually get rid of evercookies, you would have to delete all the related cookies and clear all the caches of all your browsers and video browser plug-ins, using the information posted above.

Supercookies

These are technically not cookies because they are not stored in browsers or browser plug-ins, but I wanted to mention them here anyway because their name might lead you to think otherwise. Supercookies are unique identifiers that are inserted into the HTTP header by a service provider. Service providers are legally bound to offer you an opt-out option, so it could be prudent to check if your service provider uses supercookies and how to opt out if they do.

The post Cookies: Should I worry about them? appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/