Cookie conundrum
in [UK Mac]
|
From: Phil Taylor on 30 Jan 2010 07:16 A friend of mine who is quite paranoid about security has become curious about cookies, and has noticed some strange behaviour on her iMac. (2.4 GHz Intel iMac running Snow Leopard with everything up to date.) She uses three browsers, Safari as first preference, FireFox only for sites which Safari doesn't like, and iCab for sites which absolutely require you to accept cookies. Safari and FF are both set to not accept cookies at all, while iCab is set to accept cookies only from visited sites, to store them locally and to delete them all when quitting. She does not leave programs running when not in use, and therefore never has more than one browser at a time running. Despite this, she still finds cookies appearing in the global cookie file. I have just watched while she demonstrated that there were no cookies there, then start Safari (which has google.co.uk set as its startup page) and show that the Google PREF cookie has appeared. (Note that the origin of that cookie is given as google.com, not google.co.uk) Furthermore, if she simply leaves Safari running for about five minutes a second cookie appears, apparently from bbc.co.uk and named BBC-UID. This despite the fact that she has not even visited the BBC site. Can anybody explain this? Why is the Google cookie appearing despite Safari being set to not accept any cookies, and why is the BBC cookie appearing without visiting any site other than Google?
From: Phil Taylor on 30 Jan 2010 08:12 Oh, and on my own machine (same hardware, OS version and Safari version) this does not happen. If I tell Safari not to accept cookies I don't see any. If I allow it to accept cookies and go to google.co.uk I get two cookies, PREF and NID, and both show their origin as google.co.uk, not google.com. Phil Taylor
From: Chris Ridd on 30 Jan 2010 08:34 On 2010-01-30 12:16:49 +0000, Phil Taylor said: > A friend of mine who is quite paranoid about security has become > curious about cookies, and has noticed some strange behaviour on her > iMac. (2.4 GHz Intel iMac running Snow Leopard with everything up to > date.) > > She uses three browsers, Safari as first preference, FireFox only for > sites which Safari doesn't like, and iCab for sites which absolutely > require you to accept cookies. Safari and FF are both set to not > accept cookies at all, while iCab is set to accept cookies only from > visited sites, to store them locally and to delete them all when > quitting. She does not leave programs running when not in use, and > therefore never has more than one browser at a time running. > > Despite this, she still finds cookies appearing in the global cookie > file. > > I have just watched while she demonstrated that there were no cookies > there, then start Safari (which has google.co.uk set as its startup > page) and show that the Google PREF cookie has appeared. (Note that > the origin of that cookie is given as google.com, not google.co.uk) > Furthermore, if she simply leaves Safari running for about five minutes > a second cookie appears, apparently from bbc.co.uk and named BBC-UID. > This despite the fact that she has not even visited the BBC site. > > Can anybody explain this? Why is the Google cookie appearing despite > Safari being set to not accept any cookies, and why is the BBC cookie > appearing without visiting any site other than Google? Safari goes and visits sites in the background to keep the "Top Sites" page accurate. Dunno about the google cookie, but I'd reckon that is to do with the google search field. Also type "pubsub list" in a terminal window to see what RSS feeds various clients are going to fetch and how often. -- Chris
From: Phil Taylor on 30 Jan 2010 09:21 In article <7siqqsFg6qU1(a)mid.individual.net>, Chris Ridd <chrisridd(a)mac.com> wrote: > Safari goes and visits sites in the background to keep the "Top Sites" > page accurate. Dunno about the google cookie, but I'd reckon that is to > do with the google search field. > > Also type "pubsub list" in a terminal window to see what RSS feeds > various clients are going to fetch and how often. Ah, right. I'll pass that on. If I do "pubsub list" on my own machine I see that Safari is subscribed to the Washington Post A section, and goes there every 30 min to check. I have no recollection of ever setting that up. I'd bet good money that she has acquired a similar subscription to BBC news at some point, which would account for the mysterious BBC cookie (if such cookies are immune to the preferences setting) Phil Taylor
From: Chris Ridd on 30 Jan 2010 09:37
On 2010-01-30 14:21:26 +0000, Phil Taylor said: > In article <7siqqsFg6qU1(a)mid.individual.net>, Chris Ridd > <chrisridd(a)mac.com> wrote: > >> Safari goes and visits sites in the background to keep the "Top Sites" >> page accurate. Dunno about the google cookie, but I'd reckon that is to >> do with the google search field. >> >> Also type "pubsub list" in a terminal window to see what RSS feeds >> various clients are going to fetch and how often. > > Ah, right. I'll pass that on. > > If I do "pubsub list" on my own machine I see that Safari is subscribed > to the Washington Post A section, and goes there every 30 min to check. > I have no recollection of ever setting that up. I'd bet good money > that she has acquired a similar subscription to BBC news at some point, > which would account for the mysterious BBC cookie (if such cookies are > immune to the preferences setting) The pubsub program's manpage includes how to unsubscribe various feeds. -- Chris |