January 2002  

Cookies Cause Cavities In Your
Confidential Information

by Stephen Lawton

Did you hear the one about the babbling browser? A browser goes up to a Web site and says, "Knock knock." The Web site says, "Who's there?" The browser proceeds to tell the Web site everything it knows about its user: what other sites he visits, how much money he makes, what medical problems he has, his Social Security number, a plethora of usernames and passwords, and what kinds of movies he likes.

Sounds like something out of a bad B movie, but it happens every day. Personal privacy has always been one of my passions, and fighting babbling browsers requires a Herculean effort.

Cookies, the Web site owners say, are nothing more than tiny pieces of code that allow them to "enhance your visit." Cow pie! Though the ideal cookie might indeed enhance a visit, most of them have a single purpose: to benefit some marketeers who want to learn whatever they can about you every time you visit their Web site and then sell your private information.

Cookies are insidious. They are intrusive. They are invasive. And they are ubiquitous. There are a large number of sites, including some U.S. government sites, which require cookies. No cookie, no entry. It's pay-to-play time, folks, and you pay with your private information.

I use several tactics to fight cookies. First, I use three separate browsers. My preferred browser is still Netscape 4.7x. Yes, it's a bit old, and it's not always stable, but it's like a comfortable, old shoe. I also use Microsoft Internet Explorer 5.5 and Opera 5.02. IE tends to be more stable on sites designed to take advantage of IE's features, although less capable on others. I have my security set at the highest level in IE, so if I'm going somewhere I haven't been before, I'll often start with IE.

Opera is a clever browser. I've found that Opera is able to identify cookies that are not what they seem. For example, if a cookie uses an illegal path or domain, Opera flags it for me. It tells me that the cookie could be misleading and asks if I want to keep it. It also gives me the option of dumping my cookies at the end of a session. I like that option a lot! Something else I like about Opera is that I can throw away all new cookies at the end of a session. Opera could be a terrific browser, if only it were a bit more pliable, particularly where bookmarks are concerned.

But the browsers' own cookie controls aren't necessarily the best. Netscape and IE offer you the option of keeping all cookies, turning off cookies or asking you each time. IE also offers an option on per-session cookies that aren't stored again the options are keep all, reject all or prompt. Opera adds the option of accepting cookies from specific servers. With Netscape, the option is to accept only those cookies that are returned to the original server.

These options are minimalist at best. My recommendation get yourself an application that allows you to manage your cookies. Remember, the vendors want to put information for their use on your computer. At the very least, you should be able to monitor and manage this information better than with the tools provided by the browser vendors.

I use Cookie Pal from Kookaburra Software, but there are other very good programs, as well. Cookie Pal allows me to select if I want to accept or reject a company's cookies, but it also allows me to change my mind.

Protecting your personal information should be high on every user's priority list. You lock your car and house doors, don't you? You wouldn't leave your personal data pinned to your front door while you sauntered off to the market. Why would you give some company you're visiting access to your hard disk?

In looking through my list of cookies in Cookie Pal, I found cookies I accepted from companies, such as Webvan and Greenlight.com. Why tell someone about your buying history, or even the places you've been, if it's none of their business?

It's your job to protect yourself from vendors who want to poke through your personal information and browsing habits. And it's your responsibility to keep them from doing so. You can, you must protect yourself. No one else will.

Copyright 2001- 2002
All trademarks are the property of their respective companies.