Why should you avoid cookies?

When you surf the internet, your device exchanges large volumes of data that can be used to track your movements on the web. This information may be used to compile detailed user profiles, which are valuable marketing tools and also highly attractive to criminals. To make yourself harder to profile, think carefully before you make use of technologies such as cookies and JavaScript. You may also need to consider using other privacy features to prevent your browsing behaviours from being recorded by advertising networks; Privacy Badger from the Electronic Frontier Foundation is just one example.

Cookies store information about your visits to websites, including form data and search terms, enabling your use of the internet to be logged. Cookies should be deleted by default when the browser is closed, or if you want to continue storing the data, you should still delete the data regularly to protect your privacy on the Internet. Some web browsers also offer incognito or private browsing modes as an alternative to deleting your cookies.

There are many ways to enable or to block cookies in browsers; here is a list of some of them. Remember that not all browsers will offer all of these options (specific details for each browser can be found on the relevant help pages, which are linked below).

• Most browsers give you the option of automatically deleting permanent cookies when you close your browser window (session cookies are always deleted automatically).
• You can allow permanent cookies, but configure your browser so that it only stores them after checking with you first.
• You can block permanent cookies, but compile a list of exceptions to allow certain websites to place permanent cookies on your system.
• You can allow permanent cookies, but compile a list of exceptions to prevent certain websites from placing permanent cookies on your system.

Cookie help pages from browser providers

• Firefox: Allowing and rejecting cookies
  Recommendations: Accept cookies but delete them when Firefox is closed.
• Internet Explorer: Managing cookies in Internet Explorer 9
  Recommendation: Perform the steps listed under "How to block or allow all cookies" and set the slider to "High".
• Chrome: Managing cookies and website data
  Recommendation: Select the option to "Clear local data when you close the browser".
• Opera: Cookie settings
  Recommendation: Select the option "Delete new cookies when I close Opera".
• Safari: Manage cookies

Preventing fingerprints

As fingerprints are based on significantly more data than cookies, it is much more difficult to prevent them from being created. Some browsers offer add-ons, or extensions, that attempt to prevent fingerprinting. However, these add-ons can also make your browser more unique, which makes it easier to identify. Furthermore, some add-ons deactivate web scripts that are required to view certain websites.

Like in many other areas of IT, this creates a kind of arms race. Browser extensions are released and just a short time later, they are being used to refine fingerprinting processes. As there are many different fingerprinting methods, it is important to regularly check the safeguards you have in place and ensure that they are fully up to date. This is the only way to make sure that your browser extensions can respond to new developments and provide adequate protection against tracking mechanisms.

JavaScript security

Recommendations for secure use

The JavaScript script language is constantly misused by hackers and criminals to obtain access to computers. In certain circumstances, JavaScript allows criminals to penetrate systems. It also often contains errors and unpatched vulnerabilities that can be exploited by unauthorised parties. The only reliable way to protect yourself against these kinds of attacks is to deactivate JavaScript. Although doing so may restrict the functionality of certain online content, your computer will be significantly more resistant to attacks from malicious intruders. We have provided instructions for configuring the most popular browsers below. If your browser isn't in the list or the instructions don't match what you see on your screen, contact the developer directly for more information.

Mozilla Firefox

1. In the Firefox address bar, type the command "about:config" and press enter. The screen will display a warning asking you to confirm you are aware of the risks; confirm this message.
2. In the search field, enter "javascript.enabled". This locates the required entry. The value will generally be set to "True".
3. Right-click on "javascript.enabled" to open a menu. In the menu, select "Switch". The value changes to "False" and JavaScript is now deactivated.
If this route does not work in your version of Firefox, contact Mozilla to find out how to configure your settings.

Microsoft Internet Explorer

1. Click on "Tools" on the top edge of the screen. Then click on "Internet options".
2. Select the "Security" tab and then click on "Change level".
3. In the "Scripting" section, deactivate Active Scripting and Scripting of Java applets. Then click OK.
This enables you to eliminate multiple sources of potential risk at once. If you find that some content no longer works or is not displayed in the normal way, you can change the settings back for short periods of time.

Google Chrome

1. In the right-hand corner of the screen, click on the menu button and then on "Settings".
2. At the bottom of the page, under "Show advanced settings", select "Data protection and security" and then "Website settings". Under "Allowed (recommended)", move the slider to the left so that it is set to "Block".
Note: If necessary, you can allow specific websites under "Allowed"

Apple Safari

1. In the menu bar on your Mac, click on "Safari" and then on "Settings".
2. Go to the "Security" section. Uncheck the box that activates JavaScript.

Microsoft Edge

In the latest version of Windows 10, there is no option to deactivate JavaScript.