Search

NR Lab

how to find software solutions for your security needs

HTTP cookies were never intended to be invasions of privacy. They were simply markers used by website developers to make users’ lives easier, by storing regularly-entered information or past history on the site. As always, though, the road to hell is paved with good intentions, and in this case it’s easy to see how stored user information could lead to problems.One of the problems with cookies is that they can be tied to user’s public profiles online at social networking sites. Another is that users are not informed when a cookie is stored. Hackers have come up with ways to access these cookies, which the user is unaware of, through cross-site scripting attacks. These attacks inject malicious code into web pages in order to bypass the intended security controls.An easy solution is to disable cookiesa feature included in all major web browsersbut this limits normal functionality on a number of sites. Another solution is to regularly delete cookies, which can also be done through the browser itself. The third option, however, requires an external program referred to as a “wrapper,” which redirects cookies and their associated data to another location. Users should be aware that these programs do not block Flash cookies, or Local Shared Objects. Adobe Flash Player uses these to store information, but most browsers do not offer options to disable these. They can be affected with specially-targeted add-ons, though.