Monday, April 03, 2006

Should you take cookies from strangers?

For many readers here, this terrific web page from the National Cyber Alert System will not be news. It is all about how cookies work, and what you need to understand in order to be safe browsing the web. But it's always a good idea to brush up and make sure you grok this stuff. Briefly, this handy page, by Mindi McDowell of Carnegie Mellon University, tells you that cool little javascript programs that create moving splash pages and drop-down menus can include spyware and malicious code that can invade your computer system when you load the program to look. Then she goes on to explain cookies of various types and how they work. Cookies let you do great stuff, like keep track of what you are ordering in your shopping cart, or personalize pages, or maintain preferences. They can last just for one session, or can persist. The information here is very helpful, and you should read over it just to be sure you are practicing safe browsing.

But even if you feel quite certain you are up to speed on cookies, they go beyond this basic cookies page here. You can sign up for an RSS feed to keep up with the latest in cyber-security tips for the non-technical user. This is a great site, and I highly recommend it.

Just as your parents taught you -- think twice before you take cookies from strangers! The cookie decoration is from a K - 12 web page on web safety with the same motto: Don't take cookies from strangers! They go on to say:

Don't leave a trail of crumbs for someone else to follow you! Set your browser to just say "No!" to cookies.

From at the Safety Highway, Media Awareness for Teachers.
That's rather more extreme than practical. For instance, Lexis and Westlaw require cookies to work. But do look at your security settings on your browser, and periodically clean out cookies. Be sure you have good anti-virus software and keep it current. Be sure you have all the patches for your operating system, and keep them current -- especially if you are using Windows!

Use spyware detection software -- there is decent stuff available as shareware or freeware (try "Spybot Search and Destroy" here and "Ad Aware" from LavaSoft here). PC Magazine has a good webpage on how to remove spyware and malware here, but it is pretty technical. Beware! Some programs that advertise themselves as spyware- or malware-removers actually install some of the worst offenders. Be careful what you use on your computer! This link can be an excellent resource for information about spyware and hijacker-ware. It has an RSS feed, so it can be an convenient way to keep current. It has chat rooms and lots of info. And lastly, I think this is a good site, too.

Be careful who or what you invite in. And be careful where you leave your information, including your e-mail. Now you can change the e-mail address that your university may want to post all over its website into an image file. The robots and crawlers that are out there looking for e-mail addresses for spammers cannot recognize an e-mail address that is an image file. Alternatively, you can write out the symbol @ at. Humans will know what they are seeing, but bots and crawlers won't know it's an e-mail address. Says the woman who hasn't done any of these things herself, yet!

No comments: