Copyright © 1998-2020 imacat. Please read the copyright before copying.
The web HTTP connection is itself unreliable. It disconnects as soon as it finished transferring a page. If you wish to read another page on the same website, it has to reconnect again. Because of that, it’s almost impossible for a website to know if some connections came from the same person or not. But, for the web membership systems like web mails, it has to know if you are the same one that logged in minutes ago, in order to open the right mailbox or provide other services correctly. In order to solve this, Netscape had invented a method called cookies
. Cookies are some pieces of infomation that are saved on the users’ computers in order to retrieve later, so that the website can know that these connections came from the same person. However, cookies have still other applications. They can keep your real name, telephone number, address, credit card number, ID number and password when you bought something and submit them onto a website once, and allow the website to retrieve them freely afterwards. Another application is that, they can record each address you browsed on a website, like a secret monitor. Moreover, if an advertiser buys advertisements on all the major websites, they can analyse all the data they gathered from these major websites, and build a complete tracking record of everyone, including the exact time and address of all the places one has been. A monitor of everybody on the internet.
Horrifying, eh?
The problem of cookies is a dilemma: Without cookies, it’s almost impossible for the websites to recognize who you are, and thus employ the membership systems. On the other hand, with cookies, websites can monitor each of your movement, and record some private infomation without your notice.
In order to solve this problem, the internet standard organization World Wide Web Consortium (W3C) had established the Platform for Privacy Preferences (P3P). According to P3P, websites have to state their cookie policy both in a clear document and in a format that’s known by the browsers. Users can set their cookie acceptance in advance. When browsing a website, browsers can compare the users’ settings with the websites’ statement, and decide if it shall accept the cookies or not. This sounds wonderful, but practically speaking it is nonsense. P3P itself is a lie. Websites can state anything they like, and save your real name, telephone number, address, credit card number, the time and address where you have been, in an encrypted format that browsers can never tell. Technology can not solve the problem of human dishonesty. It’s not surprising that P3P was established mainly by the major commercial websites and advertisers. It’s, after all, only a trick to cheat the users.
In order to really solve the problem of cookies, you have to understand the working method of cookies: When a website sets a cookie, it can specify an expiration date. If a cookie is set without an expiration date, it is called session cookie
, which is only valid in this session. It exists temporarily in the browser memory, and disappears whenever the browser exits. If, on the contrary, a cookie is set with an expiration date, it will stay on your computer until it expires. Note that, however, there’s no limit how websites can set the expiration date of its cookies. They can set the expiration date to 50 or 100 years, which means they nearly never expire. They could retrieve these cookies anytime in the future.
Another way of categorizing cookies, is to seperate them into first party cookies and third party cookies: First party cookies are those sent from the website that you are browsing. Third party cookies are those sent from the websites of the files referred by the page you are browsing, mostly are advertisements.
Technically speaking, only session cookies are necessary to set up membership systems. It only needs to remember who you are when your browser is working. It doesn’t have to record anything anymore when your browser closes. Also, you only need the cookie of the website whose membership system you are using. You don’t need the cookies of other websites. You should accept only the temporary cookies from the same website, and reject all the persistent cookies and third party cookies. Then, no matter what they record in their cookies, these infomation will disappear whenever the browser exists. They have no way at all to retrieve them in the future.
Older browsers have only 3 options with cookies: Accept all, reject all, or ask you one by one. We cannot reject all the cookies, but we don’t want to accept all of them, too. However, it will become extremely annoying if the browser asks us one by one, since cookies are employed all over the internet now. Modern browsers have more options: You could turn off persistent cookies and third party cookies explicitly. However, because the venders of the major browsers are of the same interests of the major commercial websites and advertisers, the default settings of most of these browsers are always set to accept all the cookies. You have to turn them off manually by yourself.
Start your Mozilla. From the Edit on the top toolbar, choose Preferences.... In the popped-up window titled Preferences, choose the Cookies below the Privacy & Security in the Category at the left. If you don’t see the Cookies and there’s a right arrow precede the Privacy & Security, click on the right arrow to display it. Choose the Enable cookies based on privacy levels in the Cookie Acceptance Policy at the right, and click the View Privacy Levels next to it. It will pop up a window titled Privacy Levels. Choose custom in Level of Privacy. In Cookie Acceptance Policy (a function of Level of Privacy), choose Session on all the options below the First Party Cookies, and choose Reject on all the options below the Third Party Cookies. Click OK. Also, check the Limit maximum lifetime of cookie to option and choose current session below. Click OK. That’s all.
Start your Internet Explorer. From the Tools on the top toolbar, choose Internet Options.... In the popped-up Internet Options window, click the Privacy at the top to move to the Privacy page. Click the Advanced.. in the Settings. It will pop up an Advanced Privacy Settings window. In Cookies, check the Override automatic cookie handling option. Choose Block in First-party Cookies, and choose Block in Third-party Cookies. Then check the Always allow session cookies option. Click OK, OK. That’s all.
Start your Internet Explorer. From the Tools on the top toolbar, choose Internet Options.... In the popped-up Internet Options window, click the Security at the top to move to the Security page. Click the Custom Level... at the bottom. It will pop up a Security Settings window. Scroll down in the Settings list to fine a category named Cookies. Choose Disable in Allow cookies that are stored on your computer, and choose Enable in Allow per-session cookies (not stored). Click OK, OK. That’s all.
Internet Explorer 4 and earlier versions can only set to accept all, reject all or ask you one by one. You cannot configure it delicately.
Netscape all versions can only set to accept all, reject all or ask you one by one. You cannot configure it delicately.
Start your Opera. From the File on the top toolbar, choose Preferences.... In the popped-up window titled Preferences, choose the Privacy at the left. In the Cookies at the right, check the Enable cookies, choose the Automatically accept all cookies at the first option below, choose the Do not accept third party cookies at the second one, and check the Throw away new cookies on exit. Click OK. That’s all.
by imacat, first written 2002-01-13, last updated 2006-04-06Copyright © 1998-2020 imacat. Please read the copyright before copying.