Active Content and Cookies for Cybersecurity

by | Continuing Education, Security, Tips and Tricks

Active content and cookies are aspects of modern web-browsing experiences that many people may not understand. This lack of understanding may lead some web users to compromise the security of their personal information. Fortunately, a basic understanding of the ways that active content and cookies work on your system can help.

What is Active Content?

When you visit a  website, you may notice animations, videos, forms, polls or ads that take the website beyond simple text.  Active Content is what these embellishments are called, and they are often JavaScript or plugins. Unfortunately, while functionality like this can help create an appealing and interactive website, active content can also be a prime target for hackers who exploit the nature of running programs to deliver malware to computers. For example, rather than run an ad on a webpage, a compromised script may tell your browser to download a virus or upload personal information to a remote server.

While it is possible to disable active content entirely, this may reduce the functionality or appearance of your favorite websites, most of which will be completely harmless. Instead, you may wish to try a browser extension for your web browser that can allow or forbid individual scripts or ads as they are launched.

On trusted websites, you will be able to allow all active content to run normally. If you ever find yourself visiting a suspicious website, however, you need to disable active content for that website or browsing session. This limits the chance that background scripts, ads, or other active content will be used to try to install malware on your computer without your knowledge. Common sense is going to be the key. If you are visiting the website of a major corporation or agency, chances are high that any scripts on the webpage will be secure and trustworthy. It is when you start to venture into personal or lesser-known websites that you have to be extra careful.

What are Cookies?

Cookies are small files that websites use to record information about your computer.  That information can be things like your IP address or browsing history. Anytime you visit a website cookies are downloaded by your browser automatically.  Those cookies are then stored in a browser folder until a webpage wishes to access them.

While this may sound disconcerting for those concerned with privacy, cookies provide important functionality in many cases. For example, cookies are what tell a shopping website that you have been there before.  Then can also tell the site you have a login.  You may have stored that login and password in your browser.  This can save you time, not having to recall your password. By tracking articles that you have viewed on a news website, cookies can help content providers direct you toward other areas of the site that you may find interesting. As you might expect, however, while saving login information and browsing history can be useful at home, it presents a significant security risk on public computers.

Different Types of Cookies

There are two main types of cookies that websites use today: session cookies and persistent cookies. Session cookies are used to store temporary information such as individual web page preferences. Session cookies are only active during an individual session of browser use, as the name would suggest.  They are deleted as soon as the browser is closed. Persistent cookies, however, are designed to be stored on your computer for longer periods of time. For example, a shopping website may use a cookie that tracks the items you have viewed on the site. The length of time that persistent cookies are stored on your device depends on your browser settings. Browsers can be set to store persistent cookies for a number of days, weeks or months to meet the needs of the user.

No Cookies?

While you can tell your browser to block cookies entirely, many websites today rely on cookies for their proper functionality. As a compromise, consider blocking third-party cookies — that is, any cookies that come from sites you did not directly visit. This setting can often be enabled in the preferences of today’s browsers. On public computers, look for an option to delete all cookies at the end of your browsing session.  This will reduce the chance that the next computer user can access your data. Limit the amount of cookies that are stored on the system.  Either delete them entirely or reduce the time that cookies are stored.  That will ensure that the amount of information about you available to websites remains controlled.

Cookie Policy

Most websites will also have a cookie and privacy policy.  Those policies or policy will describe exactly what data is being collected or stored.

 

[icon name=”newspaper-o” class=”” unprefixed_class=””]Read all of our articles.

 

0 Comments