Helping people with computers... one answer at a time.

Anti-spyware programs often list cookies as suspect without much explanation. We'll look at how to find out a little more, and what to do. Or not.

I use an anti-spyware program and on my weekly scans it shows me all the suspect cookies I have collected and asks me how I want to treat them (delete, quarantine, etc.). Most of these cookies are unrecognizable as to what sites they are from. Where can I get more information on cookies to know whether or not I want to keep them?

Cookies aren't nearly as dangerous as some folks think. In my opinion many anti-spyware programs make much too big a deal about cookies in general.

That being said, let's look at cookies using your browser instead of your anti-spyware tool (since I don't know exactly what information it's showing), and then I'll make a few recommendations.

In Internet Explorer 7:

  • Click on Tools

  • Click on Internet Options

  • In the resulting dialog box, in the section labeled Browsing History click on Settings

  • Click on View Files

That should have you looking at your Temporary Internet Files, similar to this:

Internet Explorer's Temporary Internet Files

What you're looking at is the cache of files that Internet Explorer has downloaded as part of the surfing you've done. IE tries to download files only once so that if you revisit that page, or visit a page that uses the same image, it's already on your machine, in the cache known as "Temporary Internet Files".

Much like what we're looking at here, many of the items will be unclear and confusing. At a minimum you can see in the "Internet Address" column what site URL the item pertains to.

Internet Explorer keeps cookies in the same cache.

Click on the Internet Address column header to sort by that value. Now, if you need to, scroll down until you see "Internet Addresses" that begin with Cookie:

Internet Explorer's Temporary Internet Files - sorted and scrolled to Cookies

As you can see, the cookies are also identified by the URL with which they are associated.

"... one thing becomes painfully clear: most of the cookies you don't recognize are simply advertising related."

So, what about URLs you don't recognize?

You can certainly go to the "http:" version of the URL. For example you'll see in the example above a cookie "Cookie:leon@ads.sun.com" - a visit to http://ads.sun.com quickly identifies is as an ad server owned by the Sun corporation. (I know, the "ads." plus "sun.com" as the domain was probably enough to make the same determination.)

Another approach is to look up the "whois" information for the domain. The cookie "Cookie:leon@2o7.net", besides being a strange name, doesn't actually work when you visit http://2o7.net. A quick visit to http://betterwhois.com shows that 2o7.net is owned by a company called Omniture - and a visit to omniture.com shows it to be an internet marketing company.

You can repeat that process for any or all of the cookies that you don't recognize. In the end I think you'll give up and get tired as one thing becomes painfully clear: most of the cookies you don't recognize are simply advertising related.

Advertisers use what we've come to call "tracking cookies", and as I've said in a previous article:

Tracking cookies generate a tremendous volume of information that is processed in aggregate ... meaning that advertisers using them can determine things like "this many people who visit site A also go to site B, so we should beef up our advertising purchase for site B." They're not saying "Oh, look, Leo just visited site A again. And there he goes to site B.". You and I as individuals just aren't that interesting. Analyzed as a group, however, the information can provide interesting trends and information.

So... what should you do?

Well, there's certainly no harm in deleting all cookies every so often. At worst you'll find you have to login to some sites where your password had been previously remembered.

If you're particularly concerned about tracking, you might consider configuring your browser to disable what are called "third party" cookies. That means when you (the first party) visit a web site like ask-leo.com (the second party) ads shown on that site which come from some other URL like ads.google.com (the third party) are not allowed to leave cookies. Personally, I'm not concerned about this type of tracking, so I leave them enabled.

And, ultimately, I actually see very little risk by doing absolutely nothing. Cookies don't present a true security risk - you can't, for example, catch a virus from a cookie. At worst cookies present a privacy risk, but as I stated above, most of us just aren't that interesting to be individually targeted.

I say let the cookies fall where they may.

Article C3365 - April 28, 2008 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

6 Comments
Russ
April 28, 2008 2:48 PM

I don't like the idea of data being collected over time about me. In an attempt to disrupt it I have Firefox delete all cookies at exit. That causes a few problems in itself as I lose some site configuration data that I have to reenter later.

Privacy is meaningless if you don't try to protect it. The act of trying to protect your privacy is important even if it isn't completely effective because it is showing that you care about privacy.

John
April 29, 2008 6:08 AM

I'm just a little surprised you wouldn't at least mention how to do it in Firefox; yes, the procedure is similar, but why not take a few lines to show where to access them? Obviously you can't cover how to do it for every browser, but considering Firefox's large share in the "internet browser pie chart", I think it is justified. Thanks for the great article though. :-)

sbruce45
May 2, 2008 7:21 PM

I used to disable third party cookies, but then I found that sites like Vanguard use them for setting up security, so I now accept all cookies. Once in a while I'll go through and delete the cookies I know are used only for tracking (like doubleclick), just to reduce the tracking, even though it is probably a waste of time.

Ron
May 3, 2008 2:10 AM

I must have some kind of fault on my machine. When I click on 'view files' I do not get what you see above. I get the same viewer as when I click on 'my computer' with the side menu. Importantly there are no headings showing and therefore I cannot sort the files. Any ideas?

Ken Crook
May 3, 2008 3:34 PM

Leo,
A neat tool to see where cookies came from is Karen Kenworthy's "Karen's Cookie Viewer". It is free at http://www.karenware.com . It shows what cookies you have, who created them, and when they were created. It allows you to delete the cookies you do not want.
A great tool for managing your cookies.

Artak
April 21, 2009 12:55 AM

I faced the same problem about two month ago and have a solution.

I add websites and keywords in exclude list of my security software (History Killer Pro) and then let the program delete all other cookies. I guess it is the easiest way to get rid of undesired cookies and keep the ones you need.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.