Explorer: Shut your cookie hole

Websites can install cookies, even if you prefer carrots

Recently we found out that there are many sites on the Web which have technical errors that cause Microsoft Internet Explorer to install cookies, even when the browser’s settings are supposed to block them.

Now, I’m sure we all know the incredible invasion of privacy that cookies represent. They reside on our computers and accumulate all sorts of data about our browsing habits, and in exchange they make our browsing life just a teensy bit easier, by remembering our preferential settings for certain sites. Most people have become wise to their game, and have set their browsers to disallow these pernicious information collectors from gathering their ill-gotten gains and reporting back to their masters. Only apparently that isn’t enough.

A technical paper released by CyLab at Carnegie Mellon University outlines the discovery of a glitch that exists on over 11,000 web sites, including 21 of the 100 most-visited ones. Apparently when a website’s compact policy is invalid in a certain way, IE doesn’t know what to do with it, and lets it on through, even though the user might have set the browser to reject certain types.

Now, sure, it is possible that every single one of these websites made a mistake. Perhaps they all mistyped or made other errors when creating the CP. Sure. But when you look at sites like Facebook, whose CP had only two of the requisite minimum five codes, chances are most of them decided to use the opportunity to push their cookies that would otherwise be rejected by IE.

My guess is in the next few weeks we are going to see a lot of, “Oh, sorry, we’re fixing that error now,” and, “We had no idea,” from those sites. Sure. As long as you fix it, I guess we’ll play along. And Microsoft could always fix the browser too, something I would bet they are working on as you are reading this.

About the Author

Greg Crowe is a former GCN staff writer who covered mobile technology.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.