Privacy & Cookies

Several years ago, while waiting to meet my PCP, I saw an interesting catalog with options to order DVD’s to further ones knowledge about various subjects. Curiosity got the best of me and when I came home, googled to learn more and left it there without registering or purchasing any products. Didn’t think about it until a few weeks later, when I was surprised to see a hard copy of the same catalog delivered by mail to my home address. I had used Google Wallet once before and was always signed into my gmail account. I then made the connection that Googling and being signed into the services was not a good idea and started signing out of my gmail account.I assumed that the Service Provider would honor my request to be signed out and not track me. This was up until I started looking into the web traffic between a popular news site (let’s call it news.com) and my machine. What started out as a Training session using the browser debugging tools, ended up as an issue with tracking cookie as outlined below.I had signed out of Facebook as usual, while browsing news.com. Looking at the http requests, I noticed a harmless call to Facebook.com requesting for an image that was just 1X1 pixel. When news.com made this request to FB, the cookie as shown below was automatically sent with the request to Facebook. News.com also added some additional details about itself to the URL. Parts of this left over cookie from my previous Facebook sign in left a unique value that was able to identify me and associate my browsing pattern @ News.com. You can read more about FB Pixels here
latimes-fb-afteraIf I browse news.com while signed into FB, I should then be able to comment on articles etc which is the expected behavior and understand the essence of being tracked. Tracking someone when signed out wasn’t what I was expecting. A single website using cookie to track state has morphed into multiple websites using the same cookie to track a single user.Private BrowsingMost modern browsers support Private Browsing. You have to read though the documentation to see how it is being implemented before going all in. Understand the difference between New Tab’s vs New Window and see what is shared.The major advantage of using InPrivate Browsing with regard to this article is that the Cookies are deleted after you close the window. So news.com, when requesting content from FB for example, may not have the tracking cookie to make the connection as long as they are on 2 different Private Browsing windows. The downside of using private browsing is it makes it very difficult to manage Downloads, remembered content like Autofill and Passwords etc. I am adjusting to find a balance. Setting the Private Browsing mode permanently threw me off for a few days and is an annoyance. Wish there was an easier way to manage this by blocking cookie leeching while letting CDN’s work. . Be cautious when clicking links to read articles on Facebook. Every time, you click those links, you may be associating your FB or Google account with these sources. As long as you consciously make these decisions, it is ok.If you ever want to starting using Private Browsing, don’t FORGET to Save all the Passwords and then delete all your cookies / Browser data before you start.Here is some information on the EU Cookie Law

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: