Posted 25 February 2024 - 05:07 PM
But there are also unknown unknowns- the ones we don't know we don't know
Posted 25 February 2024 - 05:16 PM
Not that I am aware of. Accepting or not accepting cookies typically involves human interaction with the click of a mouse button. BTW...
Cookies are NOT a "threat" in the typical sense we think of malware infection. As text files, cookies are inherently harmless and cannot be executed to cause any damage. Cookies do not cause any pop ups or install malware and they cannot erase or read information from a computer.
Do cookies pose a security risk?A Cookie is a small text based file given to you by a visited website that helps identify you to that site. Cookies are used to maintain state information as you navigate different pages on a Web site or return to the Web site at a later time...Cookies cannot be used to run code (run programs) or to deliver viruses to your computer. The purpose of a cookie is to tell the Web server that you have returned to a specific Web page.
Cookies are short pieces of data used by web servers to help identify web users. The popular concepts and rumors about what a cookie can do has reached almost mystical proportions, frightening users and worrying their managers.
The primary purpose of cookies is to identify users and prepare customized web pages for them. There are two different types of cookies.
Cookies can be categorized as:
Fact: Cookies are Used by Advertisers to Track Sites You VisitBecause cookies are always sent back to the site that originated them, an advertiser's cookie will be sent back to them from every web site you visit that is also using that same advertiser. This allows the advertiser to track the sites you visit, and send targeted advertising based on the types of sites that you visit.
The Many Ways Websites Track You OnlineTracking is generally used by advertising networks to build up detailed profiles for pinpoint ad-targeting..
• SSL stripping – the attacker tricks the web application into dropping an HTTPS connection and using the insecure HTTP protocol instead, making packet sniffing possible.
• Reflected XSS occurs when the malicious script comes from the current HTTP request. The application receives data in an HTTP request and includes that data within the immediate response in an unsafe way.
• Session hijacking occurs when a hacker steals a victim’s unique session ID number and mimic's that person’s cookie over the same network when the victim is logged in on the system.
Cookies associated with authentication to web services can be used by attackers in “pass the cookie” attacks, attempting to masquerade as the legitimate user to whom the cookie was originally issued and gain access to web services without a login challenge.
.
.
Microsoft MVP Alumni 2023, Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief
If I have been helpful & you'd like to consider a donation, click
Posted 25 February 2024 - 05:51 PM
But there are also unknown unknowns- the ones we don't know we don't know
Posted 26 February 2024 - 03:50 PM
I clean them out too from time to time but removal depends on what kind of cookies you are dealing with. As I explained above.
.
.
Microsoft MVP Alumni 2023, Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief
If I have been helpful & you'd like to consider a donation, click
Posted 26 February 2024 - 07:32 PM
Goes to show that when you begin to scratch away at the surface, there is no end of nasties that come crawling out of the woodwork.
I kid (?) myself that declining all prominent website cookies and using Chrome's cookie etc cleaner, and from time to time CCleaner's tool, that thereby I have rid myself of them. Seems not. Obvious follow up question: Is there / are there cookie cleaners that are a match for what you have outlined above?
I have never used a VPN. Is this a worthwhile defence?
I get the impression that normal AV protection is not designed to cope with cookies.
But there are also unknown unknowns- the ones we don't know we don't know
Posted 26 February 2024 - 09:51 PM
Most antivirus intentionally do not search for and remove cookies for three main reasons. First, because cookies pose no significant threat in the typical sense we think of threats with malware. Second, many cookies are used for legitimate purposes on various websites for making your interaction more efficient. Third, the antivirus has more important things to do such as detecting and removing actual malware, although some scanning engines may detect/remove adware tracking cookies.
The appropriate place to manage cookies is through your Web browser or by scanning with third-party software specifically designed to remove cookies (CCleaner, Privacy Eraser, SecureClean, Cookie Cleaner). Some browsers even have extensions available for managing and removing cookies.
.
.
Microsoft MVP Alumni 2023, Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief
If I have been helpful & you'd like to consider a donation, click
Posted 27 February 2024 - 06:28 AM
Is there some software that makes it possible - on demand - to say no to some or all
No- but there is software that will automatically accept them for you so that you don't have to click on things yourself.
I see that you are in the UK, so are covered by the Data Protection laws in Europe and the UK.
That makes it a legal requirement for websites that use cookies to show you a cookie warning when you visit them, and they have to get and record your permission to let them do that. ie. an 'Accept' button.
Although they have to show you the warning and you have to click to indicate that you 'Accept cookies', they don't have to offer you a 'Reject cookies' option. - You can reject simply by not continuing to the website.
Some websites do have a 'Only essential cookies' option to let you continue with only some of their cookies, but that isn't a legal requirement.
So although the 'Cookie Warning' law was brought in with good intentions the repercussions weren't though through properly, and it can be a PITA to keep having to accept the warnings.
It is being talked about changing the laws so that websites don't have to keep bugging you in this way.
In the meantime in Europe/UK we have browser add-ons that will accept the cookie warning for you, at the minimum allowed cookie level, often before you even see it.
I use the 'I don't care about cookies' browser extension and I'm never (well hardly ever) pestered by the cookie warnings.
It can also be added as a filter list in adblockers, but that is not as effective as using the extension.
Other similar browser extensions are available.
https://www.i-dont-care-about-cookies.eu/
I do clear all cookies daily, (often multiple times daily), my browser is set to clear cookies and history on closing, and then I have my own batch file to clear all the browser caches, a double cleaning because browsers don't always clear everything.
An app such as CCleaner will also clear them out on demand, you can usually set exceptions in cleaning apps so that they will not remove any that you do want to keep. (Say if a login is stored as a cookie then you may want to keep it).
If you get the Paid version of CCleaner it can be set to clear a browsers cookies and caches when that browser is closed.
Another way of avoiding such cookie warnings would be to use a VPN that says you are outside of Europe/UK so not covered by the same Data Protection laws. To me it's simpler for most people to use a browser extension.
Edited by Nukecad, 27 February 2024 - 07:19 AM.
*** Out of Beer Error ->->-> Recovering Memory ***
Posted 27 February 2024 - 07:09 AM
But there are also unknown unknowns- the ones we don't know we don't know
Posted 27 February 2024 - 08:24 AM
Each to their own opinion of course.
But like Quietman7 I'm not particularly bothered by any 'threat' from cookies - as long as I clear them off my machines regularly.
Yes they can show what you have been doing doring a browsing session, but when you close the browser and clear them they are gone - and then when you start your next browsing session it's like you are new to the web as far as cookies are concerned.
*** Out of Beer Error ->->-> Recovering Memory ***
0 members, 1 guests, 0 anonymous users