Computer cookies, those tiny little pieces of temporary data websites store on your computer or mobile device to remember your preferences and other data about you, are an important part of what makes the web operate so smoothly. Useful though they are, however, many people prefer to turn them off on a session-by-session so that websites can’t track your past steps. It’s one of the most basic moves to protect your privacy online that you can take.
In the past, enabling and disabling cookies has been easy – you simply needed to enter your favorite web browser’s privacy settings. But according to Ars Technica, a security researcher named Sam Greenhalgh has created something he’s calling “HSTS Super Cookies.” This new type of cookie persists and continues to track your web session even if you switch your browser to incognito mode. Even more worrying, these super cookies can be read by all websites, not just the one that issued the file.
The Super Cookie is still just a concept – there’s no evidence that websites have put the hardy temporary files to work for malicious purposes. Thankfully though, at least one browser has taken action to protect your privacy against the potential threat. The latest build of Mozilla Firefox (Techlicious’s pick for the best web browser) doesn’t allow super cookies set in regular mode to stick around when you switch over to private browsing. Microsoft’s Internet Explorer isn’t vulnerable either, Ars Technica explains, but that’s simply because the browser lacks the technical capability to support them.
If you’re using Chrome or Apple’s Safari browser, however, you’re at risk. We recommend you download and use Firefox (for reasons that go well beyond this super cookie issue). But if you want to continue using your existing browser, be sure to delete all your cookies when switching between private and standard browsing modes. Existing super cookies on your computer can be read and tracked while you’re in privacy mode, but so long as you’re not using the mobile version of Safari, no new super cookies can be issued when browsing incognito.
To learn more about these new super cookies, visit the Ars Technica website.
[Computer cookies via Shutterstock]