Understanding Cookies

What is a cookie?

A cookie is information that a site saves to your computer using your web browser. A cookie allows sites to record your browsing activities – like what pages and content you’ve looked at, when you visited, what you searched for, and whether you clicked on an ad. Data collected by cookies can be combined to create a profile of your online activities.

Who places cookies on the web?

First-party cookies are placed by a site when you visit it. They can make your experience on the web more efficient. For example, they help sites remember:

• items in your shopping cart
• your log-in name
• your preferences, like always showing the weather in your home town
• your high game scores.

Third-party cookies are placed by someone other than the site you are on. These may include an advertising network or a company that helps deliver the ads you see. They may be used to deliver ads tailored to your interests. For example, if you read an article online about running, a cookie may be used to note your interest in running, and add that to a profile. And you may see coupons to save money on running shoes.

Controlling Cookies

How can I control cookies?

Various browsers have different ways to let you delete cookies or limit the kinds of cookies that can be placed on your computer. When you choose your browser, you may want to consider which suits your privacy preferences best.

To check out the settings in a browser, use the ‘Help’ tab or look under ‘Tools’ for settings like ‘Options’ or ‘Privacy.’ From there, you may be able to delete cookies, or control when they can be placed. Some browsers allow add-on software tools to block, delete, or control cookies. And security software often includes options to make cookie control easier.

If you disable cookies entirely, you may limit your browsing experience. For example, you may need to enter information repeatedly, or you might not get personalized content or ads that are meaningful to you. However, most browsers’ settings will allow you to block third-party cookies without also disabling first-party cookies.

Keep your browser up-to-date

No matter which browser you use, it’s important to keep it updated. An out-of-date browser can leave your computer vulnerable to attack by malware, which could intercept sensitive data like your log-ins, passwords, or financial information. Most browsers update automatically, or prompt you to update to the latest version.

What are “opt-out” cookies?

Some websites and advertising networks have cookies that tell them not to use information about what sites you visit to target ads to you.

There are a couple of ways to opt out of certain types of data collection or certain kinds of targeted advertising:

• You can download software – an “add-on” to your browser – that controls whether and how cookies – including opt-out cookies – are stored or deleted. You can find add-ons on sites sponsored by the browser. Look through the settings or “Help” function. Browser companies review most add-ons for security and functionality before making them available for download, but as with any software, don’t download an add-on unless you have checked it out and trust the source.
• Programs from the online advertising industry, including The Network Advertising Initiative and the Digital Advertising Alliance, offer tools for opting out of targeted advertising – often by placing opt-out cookies – offered by their members. You also can opt out by visiting advertising networks and advertiser websites one by one.

Deleting all your cookies will erase any opt-out cookies you’ve downloaded. To restore opt-out cookies, you will have to go through the opt-out procedure again.

Cookies are used for many purposes – for example, to limit the number of times you’re shown a particular ad. So even if you opt out of targeted advertising, a company may still use cookies for other purposes.

“Private Browsing”

What’s “private browsing”?

Many browsers offer private browsing settings that are meant to let you keep your web activities hidden from other people who use the same computer. With private browsing turned on, your browser won't retain cookies, your browsing history, search records, or the files you downloaded. Privacy modes aren’t uniform, though; it’s a good idea to check your browser to see what types of data it stores. Although it won’t keep cookies after the private browsing session ends, cookies used during the private browsing session can communicate information about your browsing behavior to third parties.

Flash Cookies

What are Flash cookies?

A Flash cookie is a small file stored on your computer by a website that uses Adobe’s Flash player technology. Flash cookies use Adobe’s Flash player to store information about your online browsing activities. Flash cookies can be used to replace cookies used for tracking and advertising, because they also can store your settings and preferences. When you delete or clear cookies from your browser, you won't necessarily delete the Flash cookies stored on your computer.

Can I control Flash cookies?

The latest versions of Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer let you control or delete Flash cookies through the browser’s settings. If you use an older version of one of these browsers, upgrade to the most recent version, and set it to update automatically.

If you use a browser that doesn’t support deleting Flash cookies, look at Adobe’s Website Storage Settings panel. There, you can view and delete Flash cookies, and control whether you’ll allow them on your computer.

Like regular cookies, deleting Flash cookies gets rid of the ones on your computer at that moment. Flash cookies can be placed on your computer the next time you visit a website or view an ad unless you block Flash cookies altogether.

New Technologies

Are there other tracking technologies I should know about?

New technologies are constantly emerging, and some can be used to track your online activities even if you control regular cookies. These are generally referred to as “supercookies.” If companies offer you an opt out, they need to respect your preference, whether they use supercookies or regular cookies.

What is “Do Not Track”?

Do Not Track is a tool that allows you to express your preference not to be tracked across the web. Turning on Do Not Track through your web browser sends a signal to every website you visit that you don’t want to be tracked. Companies then know your preference. If they have committed to respect your preference, they are legally required to do so. Some browsers already support Do Not Track. If you want to use Do Not Track, check to see if the browser you use offers it – or use a browser that does.

There are many unpatched loopholes or flaws in Facebook website, that allow hackers to inject external links or images to a wall, hijacking any facebook account or bypassing your social privacy. Today we are going to report about another unfixed facebook app vulnerability that allow a hacker to spoof the content of any Facebook app easily.

Nir Goldshlager from Break Security today exposed another major flaw that allows hacker to wall post spoofed messages from trusted applications like Saavn, Candy Crush, Spotify, Pinterest, or really any other application on Facebook.

Four men accused of launching online attacks under the banner of LulzSec appeared in a London courtroom Wednesday for sentencing. Ryan Ackroyd, Jake Davis, Mustafa al-Bassam and Ryan Cleary have all pleaded guilty to hacking offences.

The name Lulzsec is a combination of 'lulz' or 'lols', "LAUGHING AT YOUR SECURITY" meaning 'laugh out loud' and security, and was a direct descent of notorious hacking group Anonymous.  Working from their bedrooms in 2011, caused millions of pounds of damage with attacks on NHS, CIA and US military websites, they stole huge amounts of sensitive personal data including emails, online passwords and credit card details belonging to hundreds of thousands of people, Southwark Crown Court in London heard.

The alleged CIA spy caught red-handed by Russia was likely interested in obtaining information about the Boston bombing suspects, whose origins were in the Russian Caucasus, it has been reported.

They didn't use guns, masks or even threatening notes passed to bank tellers. It may be the largest bank robbery in history. A gang of cyber-criminals operating in 26 countries stole $45 million by hacking their way into a database of prepaid debit cards.

Reportedly, the group of hackers targeted weaknesses in how banks and payment processors handle prepaid debit cards. Authorities said they arrested these seven U.S. citizens and residents of Yonkers, New York: Jael Mejia Collado, Joan Luis Minier Lara, Evan Jose Peña, Jose Familia Reyes, Elvis Rafael Rodriguez, Emir Yasser Yeje and Chung Yu-Holguin.

The eighth defendant charged in the indictment, Alberto Yusi Lajud-Peña, also known as 'Prime' and 'Albertico,' was murdered on April 27 in the Dominican Republic.

Can You Crack a Code?
Try Your Hand at Cryptanalysis

12/24/09

We’ve challenged you before—in November 2007, December 2008, and May 2009—to unravel a code and reveal its secret message like the “cryptanalysts” in our FBI Laboratory.

In our latest quiz, we’ve switched gears a bit, using pictogram symbols based on Native American motifs. And with more than 50 words to decipher, it’s our longest one so far.

For the first time, we’re also posting the answer (see the bottom of this page) in case you are stumped. We ask, however, that you not post the solution on the web so that everyone can have a chance to give it a try.

Once again: If you want a primer on basic cipher systems and how to break them, see the article “Analysis of Criminal Codes and Ciphers.”

Good luck!

Note: Sorry, but cracking this code doesn’t guarantee you a job with the FBI! But do check out careers with us at FBIJobs.gov.

The answer

Why all the elaborate precautions? Magedson, 61, runs Ripoffreport.com. Depending on your point of view, Magedson either champions consumer rights or callously destroys reputations. His site allows anyone to complain anonymously about any firm or person, and no matter what, Magedson says he will not remove the posting. (There’s a way to get it removed from Google, though.) But he will accept thousands of dollars per case for his corporate advocacy program, in which companies can place content above the offending comments after agreeing to handle customer complaints promptly and making a “a written commitment to providing superior customer satisfaction regarding their products and services.”

Consumer champion empowering the little guy against scams and bad service, or eccentric exploiter? I wanted to meet him to see what he had to say for himself. But first I would have to locate him.

With roots dating back to 1997, Magedson’s site allows anyone to complain about anything: poor workmanship, a rude doctor or banker, a scam. Unlike Yelp which mixes good and bad reviews, Ripoff Report focuses on the negative. Their slogan is, “Don’t let them get away with it.” The company says it receives 125,000 to 250,000 visits a day, or more than a million a week. Quantcast, which measures Internet audiences, puts it among the top 1,000 U.S. websites.

Rep. Hank Johnson (D-GA) just introduced the "Apps Act," a bill that would require app developers to have privacy policies detailing how they share user data.

Under the bill, users must be shown privacy policies and sign off on them before using an app. That could lead to the kind of long click-wrap agreements users face when they log into a lot of software. To comply, policies have to make the user aware of any sharing with third-parties like advertising networks. Privacy advocates have criticized that kind of sharing, especially when consumers aren't made aware of what kind of data is being shared.

If a user stops using an app and asks for data collection to stop or be deleted, the app developer would have to comply. Enforcement of the privacy rules would be up to the Federal Trade Commission.

"Data has become the oil of the 21st century and like any other resource, there must be common-sense rules of the road for this emerging challenge," Johnson explained on the House floor today.