Mozilla Explains: Cookies and supercookies

Every time you visit a website and it seems to remember you, that’s a cookie at work. You might have heard that all cookies are bad, but reality is a bit more nuanced. If you’re new to understanding how it all works, we’re here to help.

What are cookies?

You already know cookies are tasty baked treats, and you might also know a few Cookies personally. Cookies are also technology tidbits used by websites. These cookies are small data files stored on your computer by websites you visit. They often save your settings for a site, which can be beneficial. Most people find it convenient for a website to remember some information like logins, language preference, items in a shopping cart, things they looked at last time they visited (like those daffodil yellow beach sandals that are just about to sell out) and so on.

Silent, behind-the-scenes personalization like this is made possible by cookies that are managed by the website itself. Through cookies, the shoe site is able to greet you 👋 and remind you about those beach sandals right away because you looked at them last time.

Some cookies are helpful without tracking you. They do a sweet job on the website and that’s all. Other cookies collect your data and then share it across other websites through cross-site tracking. Not always so sweet.

What are cross-site tracking cookies?

Cross-site tracking cookies are stored on your computer by websites you visit. They’re inserted by data collection firms, advertising networks and analytics companies — third parties that use cookies to track you, profile you, and retarget you with ads. Tracking cookies follow you from site to site to follow what you do online and report back to their owners, those third parties.

Tracking cookies can hitch a ride through ads, social media (like the “like” button), tracking pixels (a tiny image tucked into the website code) and scripts in the background. So as you’re browsing summer footwear trends, tracking cookies are taking notes, passing that information over to their owners who may in turn blast you with ads for sandals and beach vacation packages when you browse elsewhere on the web.

As people are getting smarter about blocking and deleting tracking cookies, ad technology companies are turning to other data collection and tracking methods like supercookies.

Tip: To see what tracking cookies Firefox has blocked for you, just type “about:protections” in your browser bar to explore what Firefox is blocking behind the scenes. While the number of trackers you block fluctuates depending on the sites you visit, Firefox users collectively block more than ten billion trackers daily worldwide!

What are supercookies?

First, let’s clear one thing up. Supercookies aren’t cookies. But they’re similar. And worse.

Supercookies are another type of tracker that acts like cross-site tracking cookies by collecting your data and reporting it back to their owners. Normally cookies are stored in a cookie folder, so if you clear that cookie folder, all the tracking cookies would get deleted. Not so for supercookies. Security researchers have discovered supercookies hidden in more obscure parts of the browser, mainly your browser caches.

What’s a cache? It’s temporary storage for things like your browsing history, images and code. Cached data is saved locally on your computer (vs on the interwebs) so it doesn’t need to be re-downloaded every time you visit the same sites, which speeds up your browsing and helps you use less bandwidth.

Hiding supercookies in the cache is sneaky and kinda rude if we’re being honest. Clearing your cache can help you get rid of most supercookies, but that’s inconvenient because you lose the benefit of caching data in the first place. It’s also impractical because if you have multiple websites open simultaneously, the cached supercookies can still communicate with each other. Dealing with this is super messy for the everyday person. But there is a solution.

How can you control cookies?

When it comes to tracking, the best offense is a strong defense by preventing trackers from getting on your computer in the first place. Firefox blocks cookies from known trackers and scripts from known fingerprinting companies, a solid first line of defense.

Still, the task of stopping trackers is like a game of whac-a-mole. Something new is always popping up, like supercookies have. The better solution is to cut off trackers’ ability to communicate across sites, which you can do in Firefox.

READ ALSO:

Privacy Policy

The latest privacy option in Firefox “Strict Mode” maintains a separate “cookie jar” for each website you visit. Any time a cross-site cookie or supercookie shows up in your browser, Firefox locks it up in a cookie jar which is assigned to the website that introduced it. Those cookies aren’t allowed to be shared with any other website so their cross-site sharing capabilities are limited.

Worrying about cookies and trackers is no fun, and you surely have other things to think about. Firefox is here to take on trackers and protect what’s important — your privacy, security and experience online. We battle the trackers so you can get on with life with less creepy tracking and ad targeting. Whether or not you snag those daffodil yellow EVA beach sandals is no one’s business but your own, and maybe your best friend who has the same shoe size.

Similar Articles:

Firefox to Warn When Saved Logins are Found in Data Breaches

Firefox to Warn When Saved Logins are Found in Data Breaches

Cookies and How You’re Tracked Online

Cookies and How You’re Tracked Online

Has the battle for privacy already been lost?

Has the battle for privacy already been lost?

I found a loophole to prevent those pesky cookie notices 👀

I found a loophole to prevent those pesky cookie notices 👀