Cookies

From BC$ MobileTV Wiki
Jump to: navigation, search

Cookies are small text files that reside on the client for the purpose of identifying a user or device and establishing a session within an application. Many companies with E-Commerce presences rely on cookies for maintaining sessions (logins). Cookies had initially also expanded into other "tracking usages", such as advertising, content personalization and similar usages. The Cookie-based, tracking-related technologies used include HTTP Cookies, HTML5 localStorage/sessionStorage/webDB, Flash local storage/cookies (deprecated along with Flash technology itself), Web Beacons such as Pixel Trackers/GIFs & Canvas, Embedded scripts (JS), ETags/cache browsers, and push-based Software Development Kits & Callback APIs.


First-party Cookies

First-party Cookies are placed by the website you are intentionally interacting with (including through the use of third-party service providers) and are used to allow you to use that conmpany's services & features to maintain a session or assist in opt-in/opt-out/background analytics activities.

Third-party Cookies

Certain third parties may place their Cookies on your device and use them to recognize your device when you visit a company's services and persist or "stick with your device" when you leave one website to visit another website or even while interacting with multiple online services (for instance in different tabs, windows or browsers). Third-party Cookies enable certain features or functionalities, and advertising, to be provided on the Services. The third parties who employ these methods typically collect and use this information pursuant to their own privacy policies.


Types of Cookies

The Services use the following types of first and third-party Cookies for these purposes:

Strictly Necessary Cookies

These Cookies are required for Service functionality, including for system administration, security and fraud prevention, and to enable any purchasing capabilities. Users can still set their browsers to block these Cookies, but some parts of the destination website/service may not function properly.

Information Storage and Access

These Cookies allow companies (and potentially their partners) to store and access information on the device, such as device identifiers.

Measurement and Analytics

These Cookies collect data regarding your usage of and performance of the Services, apply market research to generate audiences, and measure the delivery and effectiveness of content and advertising. We and our third-party vendors use these Cookies to perform analytics, so we can improve the content and user experience, develop new products and services, and for statistical purposes. They are also used to recognize you and provide further insights across platforms and devices for the above purposes.

Personalization Cookies

These Cookies enable a provider to provide certain features, such as determining if users are a first-time visitors or repeat, capping message frequency, remembering choices users have made (e.g. language preferences, time zone), and assisting users with logging in after registration (including across platforms and devices). These Cookies also allow your device to receive and send information, so you can see and interact with ads and content.

Content Selection and Delivery Cookies

Data collected under this category can also be used to select and deliver personalized content, such as news articles and videos.

Ad Selection and Delivery Cookies

These Cookies are used to collect data about your browsing habits, your use of the Services, your preferences, and your interaction with advertisements across platforms and devices for the purpose of delivering interest-based advertising content on a company's services and any experiences embedded from that company within third-party sites (widgets, embedded scripts, etc). Third-party sites and services also use interest-based Advertising Cookies to deliver content, including advertisements relevant to your interests on the Services and third-party services. If you reject these Cookies, you may see contextual advertising that may be less relevant to you.

Social Media Cookies

These Cookies are set by Social Media platforms on the services to enable you to share content with your friends and networks. Social media platforms have the ability to track your online activity outside of the Services. This may impact the content and messages you see on other services you visit.


Secure Cookies

[1] [2]

HttpOnly

[3]

SameSite


Addressable Media preservation technologies

Most of these have been criticized by consumer privacy advocates such as the Electronic Frontier Foundation (EFF), World Wide Web Consortium (W3C), Free Software Foundation (FSF). For instance, Unified ID 2.0, a proposed replacement for "3rd party tracking cookies", would according to the EFF "deputize publishers to collect email addresses and other PII on ad tech’s behalf and could normalize “trackerwalls” that force users to sacrifice privacy for first-class Internet access".

[4]

Unified ID

Initiative proposed by IAB.

For more info, see: UnifiedID

FLoC

Initiative proposed by Google.

For more info, see: FLoC


Fingerprinting

[5] [6]

WebFinger



Tools


Resources


Tutorials


External Links


References

  1. Yes, You Should Secure Web Cookies with Secure Flags (even Applications that already operate over SSL): https://www.pivotpointsecurity.com/blog/securing-web-cookies-secure-flag/
  2. Netsparker tool shows cookie is not marked as HttpOnly: https://stackoverflow.com/questions/38782022/netsparker-tool-shows-cookie-is-not-marked-as-httponly
  3. Secure WordPress with X-Frame-Options & HttpOnly Cookie: https://geekflare.com/wordpress-x-frame-options-httponly-cookie/
  4. After Cookies, Ad Tech Wants to Use Your Email to Track You Everywhere: https://www.eff.org/deeplinks/2021/04/after-cookies-ad-tech-wants-use-your-email-track-you-everywhere
  5. List of trackers provided by "Disconnect" add-on/extension: https://disconnect.me/trackerprotection (this is the list used by Mozilla to block trackers in FireFox)
  6. Enhanced Tracking Protection in Firefox for desktop: https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
  7. Firefox Cookie Editor: http://www.ghacks.net/2008/12/12/firefox-cookie-editor/
  8. Add N Edit Cookies 0.2.1.3 -- FIREFOX PLUGIN: https://addons.mozilla.org/en-US/firefox/addon/573
  9. Live HTTP Headers: https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/?src=ss (to see Cookies actually being passed in the Headers of HTTP requests)
  10. FF Dev Tools -- Network Monitor (now shows Cookies): https://developer.mozilla.org/en-US/docs/Tools/Network_Monitor
  11. FF Dev Tools -- Storage Inspector (now also shows Cookies and enables some add/delete/update capabilities): https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector
  12. Edit or remove cookies from Firefox’s Developer Toolbar: https://www.ghacks.net/2012/11/03/edit-or-remove-cookies-from-firefoxs-developer-toolbar/
  13. Cookie Inspector extension for Chrome: https://chrome.google.com/webstore/detail/cookie-inspector/jgbbilmfbammlbbhmmgaagdkbkepnijn
  14. Cookies extension for Chome: https://chrome.google.com/webstore/detail/cookies/iphcomljdfghbkdcfndaijbokpgddeno
  15. Inspect and Delete Cookies in the built-in Chrome Dev Tools: https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies
  16. How do I view, add or edit Cookies in Google Chrome?: https://superuser.com/questions/244062/how-do-i-view-add-or-edit-cookies-in-google-chrome
  17. How do you view session cookies in Internet Explorer?: https://stackoverflow.com/questions/6051811/how-do-you-view-session-cookies-in-internet-explorer
  18. Google’s FLoC Is a Terrible Idea: https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea
  19. How To Learn To Stop Worrying And Love The Cookie-Less Future: https://www.mediapost.com/publications/article/354441/how-to-learn-to-stop-worrying-and-love-the-cookie-.html

See Also

Authentication | HTTP/HTTPS | Session | Login | Security | Privacy | BT/Personalization | Email | WebFinger | Web Analytics | JS | JSP | PHP | ASP | Python