To allow cookies, or not

Discussion in 'privacy problems' started by Fly, Oct 3, 2009.

Thread Status:
Not open for further replies.
  1. Fly
    Online

    Fly Registered Member

    System: Windows XP Home Edition SP 2 IE 7 higher than default security settings.

    Right now I'm not 'in the mood' to switch to IE 8.

    I know it's a bit of a silly question.

    Usually I have the browser set to allow direct cookies, block indirect cookies, box for session cookies unticked. That works without any real problems. Basically, I'm used to this configuration.

    But recently I noticed that I can ALMOST ALWAYS browse the internet while blocking direct cookies without any problems. I can log into wilders (for which I have an existing cookie) and I can search the web and access most websites without any problems.

    There is a statement on www.grc.com that IE 7 does not handle cookies properly. If I try : www.grc.com/cookies/forensics.htm (with direct cookies blocked) my browser sometimes passes the test, sometimes it doesn't. Inconsistent.

    Pros and cons of blocking direct cookies ? I know you may need to allow cookies for shopping carts. To what extent do cookies affect privacy ? Web bugs, web beacons ?

    I know of one or two tricks to have IE 7 handle third party cookies as direct cookies, but I usually can't find such cookies on my system. Are they outside the regular cookie folder ?
  2. JohnnyDollar
    Offline

    JohnnyDollar Guest

    You allow cookies? Well it's a miracle... I thought your pc was locked down so tight that MI-5 does surveillance on you just so they can get some security tips for their own machines.lol:D
  3. Fly
    Online

    Fly Registered Member

    I just reread the thread.

    As an example of third party cookies getting past the configuration: allow direct cookies, block indirect cookies, session cookies unticked: recently I found a Doubleclick cookie and a Facebook cookie in my regular cookie folder. I didn't visit a Facebook page, or so I thought. :blink:
    When I used Counterspy it frequently detected GO cookies and one or two others.

    So I wonder: is there a 'stash' of cookies somewhere outside my regular cookie folder ?

    And does it really impact web bugs/beacons/privacy ? I don't use a HOSTS file to block stuff.

    Third party cookies are of no use to any computer user, nothing good, just being tracked, which is a con.

    We can make jokes, enjoy yourselves ;) but I welcome any comments with substance.
  4. JohnnyDollar
    Offline

    JohnnyDollar Guest

    Well you got flash cookies that the better privacy firefox extension will delete for you. https://addons.mozilla.org/en-US/firefox/addon/6623
  5. HKEY1952
    Offline

    HKEY1952 Registered Member

    Here is my default setup running Microsoft Internet Explorer 7 with default security settings behind an Firewall Router:

    Block First Party Cookies
    Block Third Party Cookies
    Block Session Cookies
    Block Cookies at the Router
    No Flash - Removed From System


    There are no problems navigating the Internet, there are never any Cookies, Wilders or otherwise, stored anywhere in the computer.
    Popups, redirects, ads, tracking, and the like are nil most of the time
    .

    When purchasing products the security setup for that session only is as follows:

    Allow First Party Cookies
    Block Third Party Cookies
    Allow Session Cookies
    Allow Cookies at the Router
    No Flash - Removed From System


    GRC Web Browser Cookie Forensics:
    GRC_CF001.JPG


    HKEY1952
  6. I no more
    Offline

    I no more Registered Member

    Some sites require cookies to function properly, but I've never known a site that requires the same cookie from session to session.

    I just allow all cookies, then when I'm done with a specific task or session, I just delete all cookies and all other private data from the browser. I use Firefox, and I have it set to delete everything on closure of the browser.

    So, let's say I'm on YouTube for a while. Then I want to go to my bank. I just close my browser to delete everything, then I go to my bank site. When I'm done with that, I close the browser. I usually avoid visiting multiple accounts in the same session (but not always). If they're all reputable sites, then I usually have no problem with logging into different accounts in the same session.

    My browser, in general, saves nothing once it's closed (and little even when it's open) . As far as I know, I'm not protecting against any specific exploit, but it takes little effort to operate this way, so why not?

    p.s. I know squat about IE. I gave it up some time in the early '70s (give or take), but you should be able to do something similar with it.
Thread Status:
Not open for further replies.