When you hear the term ‘Zombie Cookie’ you might get hungry, you might crave something sweet. But believe me, there is nothing sweet about the dreaded Zombie Cookie.
So let’s get on with our scary tale, shall we?
Beware Beware!
It’s that time of the year!
We are at the twilight of the Halloween season, but the scary things are still lurking in the shadows. Well, at least it may be lurking on your computer or phone.
What we are talking about is ZOMBIE COOKIE!
Cookies are much beloved in the food world. In the cyber world, it is also quite useful.
They store a small bit of information to your device in order to personalize the experience when using the website, they load the website faster.
Authenticated cookies are vital for websites to determine if the user is logged in or not.
Cookies are needed to remember pieces of information that the user previously entered into form fields such as names, addresses, passwords, and credit card numbers.
Cookies can be vulnerable or exploited by hackers if they are not encrypted or not deleted properly. They are basically small pockets of data that can be accessed by hackers if necessary measures aren’t taken.
Those with security and privacy concerns always take action by removing cookies from their devices.
But there is a type of cookie that comes back to life even after being deleted. These are the un-dead cookies, the Zombie Cookie.
So, what are they?
It’s time get serious for a few moments now. Here goes!
At first glance, Zombie cookie is just like any other HTTP cookie that websites use to store personalized information. But the twist comes when the user tries to delete these cookies.
Just like the undead zombies, they come back again & again and still tracking you. They can’t be deleted by conventional means, something that is also eerily similar to zombies.
At the least, they are an annoyance; at the most, they are a serious breach of browser security. They can leave a door open for people to exploit.
In most cases, Zombie Cookie is used by advertising & marketing websites to gather information about you, your browsing history, your habits, and your preference.
Zombie Cookie is not just limited to the browser of their origin; they are capable of tracking all your internet behavior across all available browsers on the device.
Websites use Quantcast Technologies, Specificmedia, and Clearspring to distribute such cookies and measure website traffic and gather personal profiles of website visitors.
They create Flash cookies to trace users over the internet. And more than 98% of all PC systems use Adobe Flash.
Zombies are dangerous. So is Zombie Cookie
The most alarming this about Zombie Cookie is that you probably have them on your device but don’t it yet.
It’s the silent crook that is active behind the curtain, without any inclination, stealing & sending your information to strangers.
The user is helpless if he/she doesn’t know that it’s happening, in most cases, they are not given a ‘choice’. Most people aren’t even aware that Flash stores cookies!
The Zombie cookie is buried several layers deep to avoid novice eyes.
Zombie Cookie is considered to be a very serious transgression of user’s privacy. In California, they are considered as an illegal invasion of privacy and are subjected to class action lawsuit.
In 2010, websites that use Quantcast were sued on the grounds that they had violated federal computer intrusion laws.
The court order required that all the prosecuted website companies are to erase the users’ personal information immediately and stop collecting that information in the future.
The issue came to light when a company called Turn started to use Verizon numbers to regenerate tracking cookies that users have deleted.
Verizon and AT&T users noticed their carriers were inserting a tracking number into all the Web traffic that transmits from a users’ phone.
Turn used to auction of this information to advertisers within milliseconds. When a user visited a website with zombie cookies, the company held an auction that ended in milliseconds.
The highest bidder’s ad instantly appears on the user’s screen as the web page loads.
Even Google wasn’t overlooked when it came to taking action.
In 2012 consumers alleged that Google used zombie cookie that continued to collect consumers’ browsing information even after they actively set up controls to block the use of cookies. The case ended with $5.5 million in the settlement.
Where does that leave us?
It leaves us with paranoia and a feeling of violation. Our privacy has been (and probably still is) compromised unwittingly due to Zombie cookie.
Websites had been stealing personal information and auctioning them to the highest bidders.
But fret not!
Thanks to actions taken by many people, we are currently safer from Zombie Cookie than we were before.
New browsers and applications are capable of blocking out and removing such cookies.
The curse of the Zombie Cookie probably still plagues us, or maybe they have changed to something that we aren’t maybe aware of. (Vampire Phishing?!)
Most people on the internet today are a novice in all honesty, and we are increasingly being targeted by privacy & security exploitations.
Luckily, it also the time when new security measures are being created as soon as they are needed.
Now that the Halloween is about to be over, maybe it will also take with the all the scary and nasty things haunting the cyberspace.
But always make sure to look under your proverbial bed of the desktop/phone and stay alert!