It would be like having to get a new security card every time you wanted to go into your office. If you delete your Facebook cookies then its as though you incinerated your ID card. If you copied my cookies and saved them on your computer which is not hard - remember, they are just text files , then as far as Facebook is concerned, you are me. This is why your browser has to make sure not to expose your cookies to the wrong people - knowing my cookies is like cloning my ID card.
It is possible for websites to monitor their traffic without using cookies. All they have to do is look at their server logs and see how many requests their server received. But cookies make tracking even more powerful and personal. If they can group together activity by the same user then they can better understand how individual users are interacting with their site.
How many pages are they viewing each visit? How often do they come back? This might be in order to improve their product, massage their egos or serve targeted ads. If a website requires its users to log in then they can easily be identified by their existing login cookies. The website can therefore already see everything that their users do without having to perform any extra work.
They can use these IDs to map requests to users, count up all the pages that Alice, Bob and Eve requested last Tuesday and start drawing graphs.
They are unlikely to want to bother looking at exactly which pages Alice looked at at exactly what time, and probably have some amount of access-control to keep the user-by-user data private. This information is generated as a direct by-product of your requests to load a website, and the only way you can prevent it from being collected is to not visit the website in the first place.
Even websites that do not require users to log in to any systems such as news sites, shops or blogs can still collect this kind of behavioral data. They can still set a cookie on your device when you first load the website, containing a randomly generated ID eg. Your browser will append this cookie and the ID inside it to every request it sends to their domain, just as it did for the logged-in session ID cookie. The website can therefore use this ID to link together your activity in a similar way to that of a logged-in user.
They can use this information for almost any purpose they like, from improving their site to massaging prices. In practice, websites usually track non-logged in users in using external, third-party software like Google Analytics or AdRoll. These specialized trackers are typically much more powerful and easier to manage than handling tracking in-house, and come in two main flavors: single- and multi-website trackers. Single-website trackers like Google Analytics keep the data of each of their client websites siloed and isolated from each other.
They are therefore much more powerful, with many rather discomforting integrations with other data stores that can help websites learn more about otherwise anonymous users. Many people object to being tracked by third-party software of any kind in any way. Personally, as long as my behavioral data is only being stored by these third-parties, and is not shared with other companies, I am relatively happy.
However, there are many third-party trackers that are dedicated to tracking and connecting your behavior across multiple, unrelated websites. I find these multi-website trackers much more disturbing. By combining their data, trackers and their clients are able to assemble a much more complete picture of your online activities. This allows them to show you ever more precisely targeted ads, tailor prices to the perceived depth of your pockets, or even to alter website content based on what they think you want to hear.
I believe that these cross-website trackers are extremely troubling for online privacy. A third-party tracker is run by a completely different company on a completely different server to the website whose users they are tracking. From the perspective of website owners and of trackers, it provides desirable functionality, including personalization, site analytics, and targeted advertising.
Without trackers, an e-commerce website will have to treat every user as a stranger and would be unable to present personalized content. The greatest concern involves trackers from third-party websites. This Twitter thread describes how much of our information is being collected by Google and Facebook. Say for example, you go to nytimes. Because you choose to visit a first-party, we are not particularly concerned about what the first-party knows from your visit.
A third-party tracker like doubleclick. Once there is one third-party on a page, that third-party has the ability to turn around and invite any number of other third-parties to the first-party webpage. The trick is in taking this data and shacking up with third-parties to help them come up with new ways to convince you to spend money, sign up for services, and give up more information.
You might think that this tracking is anonymous, since your real name is not attached to it. But many third-parties do know your real identity. It is also possible for a tracker to de-anonymize a user by algorithmically exploiting the statistical similarity between their browsing history and their social media profile.
While most third parties are invisible, visible page elements such as Facebook Like buttons, embedded Twitter feeds, and a variety of other commercial widgets are all modes of third-party tracking. Cookies are the most widely known method to identify a user. They use small pieces of data each limited to 4 KB placed in a browser storage by the web server. Subsequent visits to the Facebook page do not require you to login, because your details will be remembered by the browser through a cookie stored during your first login.
Browser fingerprinting is a highly accurate way to identify and track users whenever they go online.
The information collected is quite comprehensive, and often includes the browser type and version, operating system and version, screen resolution, supported fonts, plugins, time zone, language and font preferences, and even hardware configurations. These identifiers may seem generic and not at all personally identifying. Watch this video from Adversitement to learn more about cookies and how they work. Generally speaking, cookies don't pose a serious risk to your online security—you're unlikely to acquire malware or expose sensitive financial information by using cookies.
Still, if you don't like the idea of websites collecting information about you this way, there are options for limiting cookie tracking on your computer. There are a few different ways to avoid cookie tracking.
Some websites actually give you the option to disable cookie tracking on their site, although this may also disable certain site features. If you want to opt out of cookies entirely, you could try enabling the Do Not Track setting in your browser. Most web browsers disable this feature by default, but it can usually be activated from the privacy settings. Note that participation in the Do Not Track program is voluntary , so some sites may not honor this request.
If you'd prefer to avoid cookies altogether, you could use a private browsing mode whenever you go online. This will prevent any cookies from being saved to your web browser.
0コメント