Understanding HTTP Cookies

Blog / Understanding HTTP Cookies

Understanding HTTP Cookies

What are cookies? 

A computer cookie, more formally known as HTTP cookies refer to data packets including username and password information which your device receives from a given website that you visit. The data packets are stored by your device for a certain amount of time depending on your selected preferences, in a file that can be found in the web browser you use. HTTP cookies are used to identify specific users and improve their web browsing experience. 

The data stored in a cookie is labelled with an ID that is specific to you and your device and is generated by the server when you connect. The stored cookie is exchanged between your device and the network server when you visit the site and when the server reads the ID, it presents customised information.  

Cookies are stored locally on your device to allow more free space on a website’s server. This method saves further maintenance and storage costs for the websites.   

Purpose behind HTTP cookies  

The purpose behind HTTP cookies is to improve your interaction with the web.   

More specifically, this involves: 

  1. Session management – Enabling cookies allows websites to store their user’s preferences to show more relevant content. Enabling cookies also allows websites to store login details and selected options for example, items for online shopping. In case the user accidently closes the browser, when reloaded, enabled cookies will show the selected items again.  
  2. Personalisation – Cookies are used to tailor adverts that are shown to the user. For example, the user may see certain items or certain content that has been personalised based on previously visited sites and purchases.  
  3. Tracking – Online shopping sites use cookies to store data regarding previously viewed or purchased products to suggest similar products.   

Different variations of HTTP cookies   

Session cookies – Only employed while using a website and are never stored in the hard drive. The session cookies are immediately deleted when you finish navigating a given website. They help third party anonymiser plug-in’s function, these plugins which are designed for certain browsers to help protect user privacy.  

Persistent cookies – Are stored on the device however upon expiration data, they are automatically removed.  

The purposes for persistent cookies are: 

  1. Authentication – More specifically, storage of login details and to track if a user is logged in as well as the name they use whilst logged in. 
  2. Tracking – Tracking of repeated visits to the same site over time. This is used by online retailer sites to track user interaction with certain products to suggest similar products. Over time, a user profile is built depending on the customer’s browsing and purchase history. 

What to be careful of when enabling cookies  

On their own, cookies are not harmful. It becomes an issue when criminals hack into your stored cookies and gain access to and track your browsing sessions.  

Some cookies carry more risks depending on where they are from:  

  • First party cookies – Directly created by the website you are surfing and are generally safer, depending on if you are using a reputable, uncompromised website.  
  • Third party cookies -  Are more of an issue. They are created by websites that you are not actually using due to linked ads on the page. For example, visiting a site with 5 ads can generate 5 cookies even if the user does not click the ads.  
  • Zombie cookies – Are from third party sources and are permanently installed on the user’s device without the user’s consent. They are also known as ‘flash cookies’ and are very difficult to remove as when deleted, they recreate themselves. Zombie cookies may be used to track individuals or may be used by the website to ban specific users. 

Managing cookies  

Users have the option of enabling cookies and if cookies are allowed by the user, the user can select which ones can be stored onto their device.  

If you wish to allow cookies: 

  • Find the cookie section which can usually be found in the ‘Privacy’ section of ‘Settings’.  
  • Click the boxes to enable cookies. This can also appear as ‘Allow Local Data’. To disable cookies, uncheck these boxes.  

If you allow cookies, deleting them after a browsing session improves your online privacy.  

If you wish to remove cookies: 

  • Find the cookies section (if you use internet explorer, this can be found under ‘Tools’. 
  • Select the options available to manage or remove cookies 

Removing cookies can make some websites harder to navigate and depending on the site, you may need to re-input your data for each visit. Also, some websites do not allow you to use their site unless you enable cookies. 

How can Securiwiser help? 

Our aim is to also ensure that our clients (whether they are individual users or business owners) are confident in their knowledge about various cyber threats that their businesses and system may face. This includes increasing trends and frequencies of certain threats and protection and prevention methods that are cost effective and time saving.   

Criminals often gain unauthorised access by exploiting underlying vulnerabilities that are unknown to the device owner. Securiwiser can conduct regular scans for your system and provide the exact details of found vulnerabilities or compromises. We can further explain these vulnerabilities or threats to our clients and provide the best course of action that will save your business time and money.

How secure is

your school?

Security test

How secure is

your school?

Security test