Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
Search SpywareGuide Database & Site
Security Email Alerts & Updates
SpywareGuide powered by FaceTime Security Labs

Internet Cookies- Spyware or Neutral Technology?

by Wayne Porter

We?frequently gets questions from users about the use of cookies. Frequently this happens after a ?spyware scan? where the users wonder why these spyware cookies were not found by the SpywareGuide Micro Scanner. Lately many anti-spyware applications are scanning and classifying cookies as ?spyware?. While there are privacy implications associated with cookies we feel that they should not be classified as spyware. The cookie, like any neutral technology, has the potential for abuse but it also performs many vital functions that contribute to efficiency and speed of the Internet experience.

What are Cookies?

There is nothing mystical about the cookie. They are merely text files that are placed on a user's computer by Web sites that the user visits. Cookies may contain and provide identifying information about the user to the Web sites that place them on the user computer, along with whatever information the sites want to retain about the user's visit.

How are the Cookies Used? Typically Web sites use cookies to track visitor information. For example, a surfer might shop for an item in an online store, but once they have placed the item in their online shopping cart, they decide to comparison shop at another site. The online store can choose to save the information about what products were in the shopping cart in a cookie on the surfer's computer. When the user returns to the site, the product is still in the shopping cart and ready for the surfer to checkout if they wish to complete the sale. This is a matter of convenience and a great use of cookies to provide convenience. In reality it is not possible to shop at most online stores without the use of cookies.

Another example of cookie use is with the targeting abilities of online ads. While many users don?t like online advertising it is a necessary component for web sites to generate revenue. Without revenue the site cannot pay for bandwidth, servers, programmers, artists, content writers and other resources it needs to remain open and serve users. Cookies, in this case, give the site some basic feedback on what the user may or may not want in terms of advertising. We feel that targeted advertising can be a useful resource for users and untargeted and obtrusive advertising degrades the value for the end user.

How can Cookies be Abused?

Historically some developers have been known to use cookies to gather information without the user's knowledge. Perhaps this is one reason behind why they have been erroneously tagged as ?spyware?. Usually this form of abuse stems from using cookies differently then the developer has stated in their privacy policy through omission or deception. This type of abuse is typically very difficult to pinpoint. Normally this type of abuse is not a major security threat but more a threat to the end user?s privacy.

Another point of potential and common abuse is in the work environment. IT Managers have been known to audit cookies. This means they may look through cookie folders and URL surfing history to determine where a user has been surfing or what they are doing with their time at the workstation. Cookies can provide a lot of information on a user?s surfing habits if you know where to look. For example it is easy to probe through the browser and other program?s data to get a general idea of what a user is doing online or where they are shopping. Likewise it will show if a user?s machine has been connected to a URL that serves adult content. This is a case of a benign technology being abused for covert purposes.

In the work environment users should understand that nothing is private and everything is potentially open for inspection by the employer. Be aware of this ability to inspect your browsing at all times and consult your employee handbook if you are unsure of your work place privacy policies. Also be aware that employers may deploy true spyware technology to log what you do, where you surf, and every e-mail you send. This is a far more critical threat than auditing cookies.

What Should Users do?

If you discover cookies on your machine (and you will if you surf) SpywareGuide.com advises you take some advice from the Hitchhiker?s Guide to the Galaxy- Don?t Panic. For the most part cookies are a benign technology that usually requires human intervention for abuse.

Ultimately the use of cookies is in the hands of the end user. You may want to block certain cookies, or simply delete them periodically or only after you end the browsing session. You may want to change your browser?s settings which will allow you to restrict the use of certain cookies or block them altogether.

For advanced users you can take control of cookie use on your own. In Mozilla and Netscape, go to Edit > Preferences. Then proceed to Privacy & Security > Cookies and select "Enable cookies for the originating web site only". This will block third party cookies. You can also set when cookies expire and setup other privacy settings that deal with cookies, the download manager, and surfing history.

With the latest versions (6.0+) of Internet Explorer, go to Tools > Internet Options. Click the Privacy Tab and press the "Advanced" button. Check "Override automatic cookie handling" and "Block" under Third-party cookies. You can also set First-party to prompt but this can be tiresome- especially if you like to shop online.

You may also want to look at 3rd party software applications that can easily clean cookies and other traces of system activity.

Unless otherwise noted this article is Copyright © 2014 by FaceTime Communications, Inc. This article may not be resold, reprinted, or redistributed for compensation of any kind without prior written permission from FaceTime Communications, Inc. For reprint or media inquires please contact us with the phrase "Spyware Guide Articles" in the subject line and we will by happy to assist you. Links to this article from other websites are appreciated and encouraged. Users are also encouraged to utilize our RSS system to provide unique content and extracts for their site.

Related Articles

Read other articles (back to full list)

Help with the BUST!
Click here and give us what details you have and let our international research team take it from there. If you desire your report will remain anonymous.
Recent Blog Posts
  • A Year In Security
  • Youtube Comment Bot Spams In Waves
  • VGA Awards Trailers Used As Bait For Spam Offers
  • Fake Visa Electronic Report Serves Up Zbot Data Stealer
  • Banned Console Owners Beat The System - With Stickers
  • Spot The Hack
  • The Futility Of EULAs
  • Auto Whaler Spears Phishers
  • Fake Porn Grabbers Snag Nothing But Malware
  • Console DDoS Botnets - A Thriving Industry
  • Recent Modifications
    2013-7-20  Date Manager
    2013-4-10  BeeBus
    2012-12-18  JT.Moonwalk
    2012-12-18  Sadbiz
    2012-12-18  Troj.GoogleBot
    2012-12-18  W32.Licat Worm
    2012-11-16  CoolWebSearch
    2012-6-21  AntiSpywareXP
    2012-6-21  Bget
    2012-6-21  Dloader.cao.1
     

    Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide Japan Japanese

    © Copyright 2007, FaceTime Communications, Inc. All rights reserved.