Cookie Management

The Article

Most of us have heard about cookies in the context of computers or the Internet, but most of us do not have a grasp of what they are.  I was asked to record a video about cookies directly in response to my video on Facebook Wants to Know Everything, so here goes a little more info about cookies and what you can do about them.

What are cookies?

Cookies are merely small text files on your computer that store basic information about websites you have visited.  Cookies provide us a lot of functionality for websites including storing data between between, for example a shopping cart on Amazon.  Before you are logged in, you can still add items to the cart.  You can even leave the site and come back to find the items will still be in your cart, at least unless you have deleted the cookies.  This article and video is more about managing cookies on various browsers rather than information about what cookies are, so for more detail check out the article references for that part.  I will provide a few more details below, but merely as a primer.

Session Cookies

A session cookie is the most benign of the cookies.  This type of cookie passes information between pages while you visit a website, but it is deleted once the session is over, which occurs either when your browser is completely closed, or you are no longer on the website and the session cookie expires.  The session cookie allows you to send information through contact forms, place items into a shopping cart, or remain logged into a website as you navigate between the pages.  Session cookies are nothing to worry about.

Persistent Cookies

Persistent cookies stay on the computer until they are either deleted or they expire.  The persistent cookie can store information about whether we have chosen to remain logged into a website, or in some more concerning data, they can store a list of the websites and types of websites you visit.  The former cookies are generally safe and make the internet easier to use, but the latter can give third parties information about the websites we visit and therefore could become privacy concerns.

First and Third Party Cookies

Persistent cookies can be first party or third party.  A first party cookie a cookie stored by the site you are currently visiting.  With a few exceptions, these are generally OK to allow, but the third party cookies are generally advertiser cookies that track sites you visit and allow an advertiser network to push ads to you, but since the cookie can also communicate back to the source, it also allows the third party sources to build a profile on you to save on their servers, so you may not be able to delete the information.  I would highly recommend blocking all third party cookies and avoiding websites that require them to be enabled.

The Flash Cookie

The Flash cookie, also known as the Super Cookie, is a very dangerous cookie for the user.  The first reason is this is the only cookie that is cross-browser, meaning if the cookie stores data on your computer when you use Firefox, that data is also available when you use Chrome.  Second, the Flash cookie can hold 20 times the data of the regular browser cookie meaning more information about you and your history.  Third, the Flash cookie gives rise to the Zombie cookie!

Zombie Cookie

The zombie cookie is as it sounds: it rises from the dead!  As you delete the cookie, it is restored from the Flash cookie back to the browser.  The zombie cookie is a Flash cookie so they allow data to be shared across browsers for third parties to create a profile on your computer use and browser history.

Cookie Best Practices

The first thing we should all do is set the cookie policy to what we are comfortably with for each browser we use.  Below I will walk through the steps on the top browsers to set cookie policies.  In my case, I generally allow first person cookies but I block third person cookies.  Some may opt to delete all cookies when the browser is closed, which basically makes all cookies session cookies.  This is a great policy to prevent data collection, but if you need to login to websites frequently, this could become a barrier, but in the advanced settings you can set some cookies to remain if you want to do that.  Don’t forget every now and then to clear all of your cookies to help protect your online privacy.

Flash Cookie Best Practices

Perhaps it is good that many groups (including Adobe) are deemphasizing Flash Player.  In addition, Chrome and Firefox are working toward always disabling Flash Player on all websites by default and forcing you to allow it on a site-per-site basis.  This being said, if you visit a website and receive a notice to enable the Flash Player, do not hit that enable button unless you know for sure that you need Flash for a critical part of the website function.  This should block Flash and zombie cookies unless the site needs Flash Player.  Another way of handing Flash cookies is to use The Better Privacy Firefox addon.  This addon will allow you to remove flash cookies or keep some cookies protected.  If you do not use Firefox and have no desire to do so, a program like CCleaner for Windows or BleachBit for Linux or Mac (or windows) will allow you to remove the cookies.  Clear these files out regularly.

Cookie Management

The remainder of this article will be a brief bit of information on cookie management across the common web browsers.  Fortunately, most of the terminology is the same so we merely need to be concerned with how to settings.  Lets get started.

Computer Browsers

Firefox

Use the Hamburger menu in the upper right corner of Firefox.  Click Options (or Preferences) in the popup menu.  Click the Privacy tab on the left and look for the History section.  Look for the drop down with the three options: Remember History means that all cookies including third party cookies are stored.  Never Remember History means that session cookies will be stored but everything is deleted once you are done browsing.  With this setting, third party cookies are stored but deleted when the browser closes, but the companies using those third party cookies can see all of the sites visited during that session.  I prefer the Use Custom Settings for History because I can completely block third party cookies with the checkbox.  I can also set whether cookies are stored or deleted when the browser closes.  The Exceptions button is used to either allow to keep stored (ie, not delete) or completely block cookies from specific websites.  The Show Cookies button will allow you to see any cookie that is currently on the browser.

Chrome / Chromium

Whether you are using Chrome or the Open Source Chromium browser, accessing the cookies section of the settings is the same.  In the upper right corner of the browser is three vertical dots.  That brings up the menu where you will select Settings.  Scroll to the bottom of that page and click the Show Advanced Settings link.  Click the Content Settings button under the Privacy section.  We will see three radio buttons: Allow Local Data to be Set means that cookies will be accepted, Keep local data only until you quit your browser clears cookies when the browser closes.  The last option blocks all cookies, but you will also see a checkbox to block third party cookies.  The Manage Exceptions button allows you to specifically keep or specifically block specific cookies.

Internet Explorer

Yes, Internet Explorer is still around, mostly for enterprise users.  You should probably not use IE unless you absolutely have to use it.  To access the cookie settings, find the gear in the upper right corner of the browser and on the menu, click Internet Options.  Select the Privacy tab and click the Advanced button.  The settings are very clear (probably the clearest of all browsers).  Two columns are present, one for First Party and one for Third Party.  To delete information on the browser exit or remove cookies, you need to access the General tab and find the Browsing History section.  Click the Delete button and make sure the Cookies and Website Data checkbox is clicked to clear the cookies.

Edge

Edge is not as intuitive to manage cookies, but most settings are still present.  Find the three horizontal dots on the upper right, click for the menu, and select Settings.  You will quickly see the setting to clear browsing data and history on the Clear Browsing Data section.  To set your cookie options, click on Advanced Settings at the bottom.  Find the Cookies section at the bottom and select the option from the dropdown list.

Safari

Access the menu through the Safari menu and select Preferences.  Select the Privacy tab and pick the option.  Directly on this section you can remove all website data quickly.

Opera

Opera is used by enough people to rank a user base on the W3C browser stats page, so I will include it here.  On this browser you need to find the menu button on the upper left of the screen (not right like all of the others).  On the menu, click Settings and then Preferences.  Select the Advanced tab and then on the left menu, find Cookies.  On this browser Accept Cookies means that all first and third parties are accepted.  Accept cookies only from the site I visit means the browser will accept the first party, but not the third party cookies.  The last option does not allow cookies to be stored.  To delete the cookies, use the main browser menu, open the Settings option and click Delete Private Data.

Mobile Browsers

Writing this article taught me something fascinating.  I found on iPhone it appears that Safari is the only browser app that allows the user to block third party cookies, but Android seems to allow blocking third party cookies.  Both main browsers on Android (Chrome and Firefox) were very similar to the computer method of blocking third party cookies.  On iOS devices you can set the Safari cookie policy in the General Settings, then go to Safari, and scroll to Block Cookies and select the desired option.

I hope this helps and that you will choose to take a proactive role in managing your cookie settings.  Remember that third party cookies are generally your privacy and tracking concerns and Flash cookies can be difficult to deal with.  Good luck on your battle against data collection.

Video

Notes and References

Something to add?

Search Website


Support Switched To Linux on Patreon!

Sponsored

Receive Our Monthly Newsletter

Recent Articles