Visiting a website by default a user’s device gets a cookie, the password is saved, and the information flows free. The Internet today is widespread information structure, the prototype of what is called Global Information Infrastructure. The information that is meant to be free and shared worldwide.
The Cookie and Password Packets
There are 7,634,758,428 people populating this planet. More than half of them are using Internet actively. Visiting websites while browsing leaves a certain information online.
While he/she clicks to the website user is unaware of the chat going on between a website and the user’s device. The computer introduces itself to a website. Meanwhile, the website’s server is making a special cookie for the guest to take home. It’s a virtual handshake and introduction between the two, which allows the server to recognize that exact device the next time it visits.
Even though the cookie seems like an empty shell, it contains a simple information. A specific data unique only to that website and the user visiting it.
The information cookie contains:
· The name of the cookie.
· The value of the cookie.
· The expiration date of the cookie. Which marks the date when cookie leaves the device.
· The path of the cookie. Only the web server that sent the cookie can have access to it.
· Screen resolution of the computer.
· The processor of the computer.
· Operating System installed on the computer.
· Graphics Card on the computer.
· The Web Browser from which computer communicated.
· The location of the device.
The widespread belief is that cookies stores passwords. That may be true in some cases but not all. The common knowledge is that it depends on the website. The majority of them no longer save passwords. This is due to the protocol of secured websites. Which means when the website uses https in its URL or website address, means it’s secured. Any conversation the website makes with the computer is secured and encrypted.
The packets the website and the computer pass back and forth is firmly protected and coded. The information can contain the cookie, passwords, and files. These interactions cannot be deciphered by an intruder. Meaning someone listening to the conversation at the table next to him cannot understand a word they are saying.
On the other hand the “cookie sniffing” is a well-known criminal act. The cybercriminal will inspect the cookie if he finds it valuable and obtains whatever information is inside.
The Facebook and Cookie
Nearly 2 billion world users have a Facebook profile, and 74% are users from North America. Each user is monitored daily for the information. On average more than 3 websites will actively monitor a single user on a Facebook, without their knowledge. This information is sent to servers, and the users surfing slows down due to data transfers.
According to Facebook: “Technologies like cookies, pixel tags (“pixels”), and local storage are used to deliver security, products, services, and ads, on and off Facebook. Your browser or device may allow you to block these technologies, but you may not be able to use some features on Facebook if you block them.”
Therefore the majority of the tracking is done through a cookie. The recent news announces that Facebook will from now on be tracking even the non-users around the Internet. So what exactly are the cookies collecting on the users, as well as the businesses?
· Customer Data
· Contact information (such as full name and email address)
· Demographic information (user and device locations, including specific geographic locations)
· Username and password
· Work title
· Department information
· Other information related to your work
· All content that you create (share or post in audio, video, text, images, and other media or software files)
· Information other people provide about you when using the Facebook (including when they send a message to you or upload information about you)
· User communications
· Device information (computers, phones, or other devices where you install or access platform)
· Connection Information (including mobile operator as well as ISP)
· Billing information
· Received Information (here including websites that are the third-party partners with Facebook)
The Facebook-owned companies are sharing these information with each other as well. These companies are Facebook Payments, Atlas, WhatsApp, Instagram, Moves, Oculus, Masquerade.
The truth is these cookies cannot be seen without the use of privacy software. Privacy software is much like any other active monitoring application that scans the hard drives and Internet Browsers. Software like Identity Theft Preventer will search and expose such data.
The Web Browser and Website Cookie
When it comes to cookies and passwords, the Internet Browser is usually the one to be blamed. Which in turn is not entirely true since it’s the websites that decide what is saved. The Browser simply provides the tools to perform an action. This again depends on the website’s security as well.
Internet Browser is a software like any other, it stores certain information so it can function properly. Majority of this information is stored in the Browser’s installation folder. Among the files are actually cookies from websites, and even saved passwords.
The website determines how long the user can stay logged in. Majority of them have a short time span like banks. The banks, in general, avoid saving passwords as well. Banks usually disable built-in password managers by adding the autocomplete=off parameter to the password input field. They consider it a security risk to store credentials for their services, which may be true in some cases.
Many websites, however, leave you logged in for a very long time. Which means, for example, you are logged in on another computer that does not belong to you. You save a password by accident or otherwise, and forget to log out. The owner of the computer or anyone having access to it can see your password or your account.
The cookies store information, the information within it is encrypted and unavailable to anyone except the website using it. However, the unsecured websites have cookies that can be deciphered and abused. The free information posted online and saved by the user is much easier to obtain, and the criminals know that. Logging out of websites, leaving as less information possible, and cleaning the cookies is a safer way to actively participate in the digital world.