Network: Death to the cookie monster
A glitch in your browser may be laying you open to unwelcome visitors
Monday 08 March 1999
However, I suspected something fishy was going on last week when an innocent- looking e-mail proved to be advertising for the latest pyramid-selling scam in Florida. I get more than 80 e-mails per day, and I have no time for spurious junk e-mail, particularly the type that comes from the US get-rich-quick school of marketing. So I decided to find out how they got hold of my address.
After some digging, I discovered something rather sinister. Some time ago I downloaded Netscape 4.5, and it transpires that my in-box overload is caused by Netscape implementing "cookies" badly on that particular version. Cookies are tiny files that get planted on your PC's hard disk by a website that you visit, and which send details of your surfing behaviour back to the site's owner. These nuggets of information can trigger specific messages to be sent to your in-box or, more often, show you a personalised banner ad next time you are on that site. In principle, cookies are not harmful. If the site owner knows my tastes and can show me information that is relevant, that's a good thing, and I consider those to be Good Cookies.
However, the bug in Netscape's cookie implementation system has given access to my cookies not only to the websites with which I've registered, but also to a whole bunch of sites that I only browsed. The problem is that the bug allows cookies to be shared between unrelated site-owners. So if you give your e-mail address to, say, Amazon.com, the cookie will store it and allow other sites to sniff it out and use it for their junk e-mail. Soon you'll be getting lots of "personalised" alerts about their latest discounts on fake gold earrings in the shape of Ivana Trump's bottom.
Another bug in Netscape affects non-US domains, allowing cookies to be shared among sites with the same domain structure as long as it has two dots (eg a domain composed of three words, such as independent.co.uk, could access cookies set up by guardian.co.uk). The problem not only creates privacy issues for the user, leading to abuse of cookie information among competing sites, but also potentially means a lot of wasted bandwidth. The cookie sends information to the site owner every time you visit that site. If the cookie thinks that every site ending in .co.uk is your cookie- owner, then it will be sending information every time you access any site with co.uk in its domain. Since you as a user are paying for this, then the cookie bug may cost you money, not just hassle.
So how do you kill the bad cookies and keep the good ones? There are a number of options. I have switched to Internet Explorer, as there is a tool for Windows 98 (cookies.vbs) which claims to help you manage your cookies in an intelligent manner. Bad cookies are killed, while good cookies are simply copied to a Save directory. This little "cookie-cutter" cleans up your hard drive and allows you to prevent abuses. You will need Windows Scripting Host (available from www.microsoft.com) and then you will be able to get cookies.vbs from the PC Magazine archives on www.zdnet.com.
Be warned, though, that the task of cleaning up your cookies will be quite time-consuming, as the average surfer or online bargain hunter gathers up to 200 cookies per quarter. I have found more than 180 of the little monsters lurking on my hard drive and it took me almost half of a day to sort out the bad and the good ones.
Another way of dealing with cookies is to install a more intelligent browser. Some browsers have even added more control over the cookie monster and let you make decisions as you go. One example is a German production (download it from www.icab.de/iCab_US.sit); iCab not only has a built- in cookie manager, but it is in fact a pretty good browser, with the plus of being small in size (using around 3Mb of Ram), unlike IE (the latest version is simply gigantic) or the latest version of Netscape.
For more info on cookies, check out www.cookiecentral.com. But remember, cookies are safe if they are well-implemented. It is only cock-ups that lead to problems, and these can be controlled at your end. New legislation banning marketeers from exploiting sloppy practices by the browser community would not go amiss, but there always will be foul-ups on the browser end as they are getting too big and unruly to exercise any degree of control over product quality.
If you experience cookie problems or have a good solution you want to share, then please mail me.
After giving gay film R-rating despite no sex or violencefilm
Arts & Ents blogs
- 1 Richard Dawkins on babies with Down Syndrome: 'Abort it and try again – it would be immoral to bring it into the world'
- 2 ALS ice bucket challenge co-founder Corey Griffin drowns, aged 27
- 3 A third of employers never check job applicants' qualifications, survey finds
- 4 James Foley beheading: Fox news presenter Megyn Kelly annoyed by Ferguson update during broadcast about murdered journalist
- 5 Paul Scholes: Manchester United need five experienced players who can turn round a desperate situation
Jeremy Clarkson 'does not see a problem' with his racist language on Top Gear, says BBC
The Top Ten: Horrible buildings
JK Rowling writes new Harry Potter story on Pottermore: Introducing 'Singing Sorceress' Celestina Warbuck
Britain's ugliest buildings: Which monstrosities should be nominated for the Dead Prize?
American film board gives gay film Love Is Strange R-rating despite no sex or violence
Richard Dawkins on babies with Down Syndrome: 'Abort it and try again – it would be immoral to bring it into the world'
Scottish independence: English people overwhelmingly want Scotland to stay in the UK
Isis threat: Cameron wants an alliance with Iran
Crisis? What crisis? A visiting US doctor gives the NHS a rave review
Michael Brown shooting: Chaos erupts on the streets of Ferguson after autopsy shows teenager was shot six times – twice in the head
Scottish Independence Referendum: Salmond described as 'arrogant, ambitious and dishonest' by Scottish women