WiseCleaner Think Tank
Encounter difficult computer problems?
All about maintenance and optimization of your Windows System.
Feb 8, 2021
Cookies are small pieces of data sent by the server to the user's web browser. It remembers that the stateful information browser of the stateless HTTP protocol can store it and send it back to the same server with future requests. Usually, it is used to determine whether two requests are from the same browser, such as keeping the user logged in. Cookies are mainly used in the following 3 aspects:
Session Management
Store the user's login name on a specific website, shopping cart list, game score, or any other content that the server should remember. This saves users from having to log in repeatedly every time.
Personalization
Store user preferences, themes, or other settings. Remember the user's special preferences for a certain interface, such as color, border settings, etc.
Tracking
Record and analyze user behavior. Cookies can be used to track the user's habit of visiting the website, such as when to visit, which pages are visited, and how long they stay on each page. This information can not only provide users with personalized services but also can be used as a tool to understand user behavior, which has a certain reference value for the improvement of website marketing strategies.
In short, storing cookies can make the user experience better. Of course, every coin has two sides, as do cookies. Let's talk about some of the disadvantages of cookies.
Most websites use cookies as a unique identifier for user sessions, because other methods have limitations and loopholes. If a website uses cookies as a session identifier, an attacker can impersonate the user's request by stealing a set of users' cookies. From the perspective of the server, it cannot distinguish between the user and the attacker, because the user and the attacker have the same authentication. Typical examples are cookie embezzlement and session hijacking.
Network eavesdropping
The traffic on the network can be intercepted by any computer on the network, especially the unencrypted open WIFI. This kind of traffic involves sending Cookies on a normal unencrypted HTTP request. In the case of unencrypted, the attacker can read the information of other users on the network, including the entire content of the HTTP cookie, in order to carry out an attack in the middle. For example: blocking Cookies.
To pretend to be a user to perform malicious tasks, such as bank transfers.
Cross-site request forgery(CSRF)
Generally speaking, the attacker will forgery the user's browser request and send it to the website that the user has verified to visit, so that the target website will receive the request and mistake it for the user's actual operation and execute the command. It is usually used to steal account numbers, transfer funds, send false messages, etc. For example, Alisa may be browsing a chat forum where other users Sarah post messages. Suppose Sarah makes an HTML image element that references the Alisa Bank website, for example:
img src ="http://www.bank.com/withdraw?user=Alisa &amount=8888888&for= Sarah"
If Alisa’s bank saves its authentication information in a cookie, and the cookie has not expired, then Alisa’s browser will try to load the image and use her cookie to submit the withdrawal form, thereby authorizing the transaction without Alisa’s approval.
Should we remove Cookies? Under normal circumstances, users do not need to delete cookies. However, when encountering financial transactions, confidential information, etc., it is best to delete Cookies. Users can choose carefully according to their actual situation.
According to the different needs of users, the products of WiseCleaner have also customized related service functions. Both Wise Care 365 and Wise Disk Cleaner can delete cookies. Let us take Wise Care 365 as an example.
Open Wise Care 365, click System Cleaner, and then click Common Cleaner. It can be seen that there is a Cookies option at the lowest end of the page, this option is not checked. Wise Care 365 will not check Cookies by default and perform the following operations. Users can confirm whether they need to delete according to their actual situation.
This function is also reflected in Wise Disk Cleaner, the operation method is the same as above.