[Ham-Computers] RE: More on cookies in IE6

[Don]

Aaron and the group
thanks much for the info
went to sessions cookies
that should do what i need them to do


behind a isp spam filter and virus check firewall plus virus check and 
software firewalls on each computer on the network
virus c heck run DAILY and i use spybot and adaware DAILY
also have IE set to delete temp files on exit

great list here and i have learned a lot

i got rid of 8 cookies today as compared to 25 cookies on average

again thanks

firefox/thunderbird not options i can use for reasons i wont go into here



Don
SEMPER VIGILIS
DUTY, HONOR, COUNTRY
http://www.jcmsara.org Ham radio link
http://myweb.cableone.net/wxfreqrs/  Pascagoula Ms Real Time Observations
----- Original Message ----- 
From: "Hsu, Aaron (NBC Universal)" <aaron.hsu at nbcuni.com>
To: "'I>Ham-Computers'" <Ham-Computers at mailman.qth.net>
Cc: <jandlmiller at bellsouth.net>
Sent: Friday, July 01, 2005 1:32 PM
Subject: [Ham-Computers] RE: More on cookies in IE6


> Hi John (et al),
>
> Don't fret about not fully understanding cookies and cookie handling. 
> Most
> people don't know much about browser cookies except what they hear/read in
> the news - and that's generally that "cookies are bad".  Cookies were 
> never
> meant to be bad; they are just a tool available for use by webmasters. 
> It's
> just that at some point in time, someone realized that money could be made
> by setting a cookie and tracking that web-surfer's movements.  There's
> nothing bad about the cookie itself - it's just how the cookie is used
> that's worrying.
>
> Realize that cookies are also used for legimate purposes.  Many on-line
> stores use cookies as your shopping cart.  Some sites use a cookie to 
> store
> your UserID so you don't have to type it in each time you visit (ah, 
> that's
> how they automatically know my name/userid).  Some banking websites use a
> cookie to remember the state you bank in rather than prompting you each 
> time
> you visit.  Cookies can also assist "partner" sites know where a surfer 
> came
> from (yes, this is a form of tracking, but there was no malicious intent).
>
> OK, back to the question at hand.  Some quick definitions:
>
> First-party cookie:  A cookie set by the website you're visiting.  For
> example, if you're visiting asdf.com and the asdf.com server set a cookie,
> this is considered a 1st party cookie
>
> Third-party cookie:  A cookie set by a different website/server than than
> the one you're visiting.  for example, you're visiting asdf.com and a 
> cookie
> is set by qwerty.com.  The cookie actually came from qwerty.com through 
> some
> kind of link on the asdf.com website (such as an advertsing banner).
>
> Allow:  Allow a cookie to be set
>
> Block:  Don't allow a cookie to be set
>
> Prompt:  When is cookie is received, ask the user if it should be allowed 
> or
> blocked.  Note: some websites use dozens of cookies and you'll get a 
> prompt
> for each one.  Worse, some will continually try to set the cookie until 
> the
> browser accepts it.  Highly annoying, but useful if you want to allow a
> permanent cookie to be set, but the website is using multiple cookies.
> Allows you to be "selective" in which cookie is set.
>
> Always allow session cookies:  Cookies have an expiration that's set by 
> the
> cookie's originator.  Enabling this option allows cookies that expire when
> you exit the browser.  When this option is set, it generally overrides the
> first and third party rules.  Therefore, even if you have the options set 
> to
> block all cookies, the browser *will* accept a session based cookie.  On
> many browsers, this option automatically makes all cookies session based 
> by
> modifying the expiration date when the cookie is received.  Generally,
> cookies that were previously set will not be modified if you enable this
> setting after receiving the cookie.  So if you're enabling this for the
> first time, you'll also want to clear out any existing cookies you don't
> want.
>
> In IE (for the times I use it), I have the cookie options set to Override,
> 1st: Prompt, 3rd: Block, and allow session cookies.  Again, the allow
> session overrides 1st and 3rd, so it really doesn't matter how you set 1st
> and 3rd at this point.  But, just in case some sneaky way is discovered to
> bypass session cookies, you might want to set 1st and 3rd to block or 
> prompt
> rather than allow.
>
> In Mozilla and Firefox, I set cookies to expire in the current session.
>
> Once in a while, I'll take a look at the cookie cache to see if any 
> cookies
> made their way in.  Sometimes, I've allowed a permanent cookie for
> convenience, but I haven't deleted it yet and this is the time to 
> clean-up.
>
> And, once again, I've taken up enough bandwidth.  I hope this clears 
> things
> up at least a bit (if not making things more confusing <g>).  Please let 
> me
> know if anyone needs more details.
>
> Oh, and to answer the question as to what can/can't be done if a cookie is
> set or not set.  It depends on the website.  If a website *requires* a
> cookie, then you won't be able to surf that site until a cookie is set -
> this is where session-based cookies come in handy.  Same with on-line
> shopping - as mentioned earlier, many websites use cookies as part of your
> "shopping cart".  If you don't allow cookies, then the shopping cart 
> system
> doesn't work.  Once again, session-based cookie handling is the answer.
>
> May I also suggest that you switch to Firefox?  Much safer than IE in any
> incarnation.  And use Thunderbird rather than Outlook Express for e-mail.
> Firefox/Thunderbird are not without their own issues, but they're not the
> target of most of the hacks out there like IE/OLE are.
>
> 73,
>
>  - Aaron, NN6O
> _______________________________________________
> Ham-Computers mailing list
> Ham-Computers at mailman.qth.net
> http://mailman.qth.net/mailman/listinfo/ham-computers
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.323 / Virus Database: 267.8.7/34 - Release Date: 6/29/2005
>
>