This document discusses online privacy issues related to cookies. Cookies are small pieces of text stored by a user's web browser that can store information entered on websites, such as items in an online shopping cart. While cookies have legitimate uses, some companies misuse them by secretly implanting their own cookies to track users' online activities, interests, purchases, and lifestyles without consent. This raises privacy concerns, as such detailed personal information may be sold to third parties. The document outlines various ways cookies can be misused, such as cookie hijacking, theft, and poisoning. It suggests users protect their privacy by changing browser settings to block cookies, using firewalls, and being aware of privacy policies.
2. With the progress of online technology,
privacy issues have arouse more and more
concerns to consumer. The porblems of
strangers or third party break into personal
online information especially worth our
concern. And the majority of these concerns
are related to the issue of 'Cookies'.
3. For authentication
'Shopping Cart' Contents.
Users may choose
different product in
different pages within a
period of time. And the
information will be written
on Cookies, which may
help to get history at the
final payment.
Storing site
preferences
A Cookie, as known as a web
cookie, browser cookie, and
HTTP cookie, is a piece of text
stored by a user's web browser.
4. Cookies normally have useful functions, however, the original intention
had been ruined by some enterprises. Those enterprises have found
some ways to implaint their own cookies secretly through this process.
And then set up the detailed searching engine about consumer's own
interests, purchasing habits and lifestyles. A lot of companies sell these
kinds of informations to the third parties in order to get profit.
5. Different ways of invasion of online privacy by Cookies
• Cookie hijacking Cookies can be
stolen via packet sniffing in an
attack called session hijacking.
Traffic on a network can be
intercepted and read by computers
on the network other than its
sender and its receiver
(particularly on unencrypted
public Wi-Fi networks). This
traffic includes cookies sent on
ordinary unencrypted HTTP
sessions. Where network traffic is
not encrypted, malicious users can
therefore read the
communications of other users on
the network, including their
cookies, using programs called
packet sniffers.
6. • Cookie theft The cookie
specifications constrain cookies to
be sent back only to the servers in
the same domain as the server
from which they originate.
However, there are different ways
to steal cookies by cross-site
scripting and making the browser
itself send cookies to malicious
servers.
7. • Cookie poisoning While cookies
are supposed to be stored and sent
back to the server unchanged, an
attacker may modify the value of
cookies before sending them back
to the server. If, for example, a
cookie contains the total value a
user has to pay for the items in
their shopping basket, changing
this value exposes the server to
the risk of making the attacker
pay less than the supposed price.
8. Example for good use of Cookies
If you are looking for house renting information on
Allhomes.au, they may notice that and send you an
e-mail that contain the latest informations on that.
This kinds of network marketing is well targeted to
consumers' needs. But, the information collected
through adware or spyare have often been sold to a
third party which is not that kinds. So will you still
have a positive impression of this kinds of cookies
and softwares?
9. Example for bad use of Cookies
If, a cookie contains the total value a user has to pay
for the items in their shopping basket, changing this
value exposes the server to the risk of making the
attacker pay less than the supposed price.
The process of tampering with the value of cookies is
called cookie poisoning, and is sometimes used after
cookie theft to make an attack persistent.
10. So, we really need to pay hundred percent attention when we
conduct activities on the Internet!!!
11. How to protect your onlince privacy
Users can change their
browser settings to
realize prohibition of
use of Cookies.
Enterprisers who have
conscience also
provide opt-out
function to their own
website in order to
prevent their own
cookies to collect or
store the information
in the user's system.
For those who are apprehensive for been monitored. They still have a
lot of ways to protect their privacy online.
Firewall can protect
user's computer from
any attacks, and let the
users know whether
their computer
program is trying to
steal and tranfer their
personal data to the
third party.
12. Postscript
Cookies are only one central point of the endless
controversy over Internet privacy issues. With the adoption
of new technology, more policies and rules will be needed
to regulate the online marketing activities.
13. Interactive questions:
1.If you are responsible for the online
product marketing,do you want to get this
kind of information from cookies? Why or
Why not.
2.Should the network security and privacy
issues be interfered by government and
laws or by self-regulation of the
enterprises?
14. Reference Lists and Useful sources
• William F.Arens, 2007, Essentials of Contemporary
Advertising.
• Flew, T 2010, New Media: an introduction, 3rd edn, Oxford
University Press.
• Highly recommended: http://www.youtube.com/watch?v=XfZLztx8cKI