Controlling cookies in IE

Hi all

I, and I'm sure a lot of you, use Spybot and AdAware to rid your computer of spyware. I've noticed that it seems these programs always remove basically the same cookies each time the programs are run.

What I'm wondering: Can IE be used to block these unwanted cookies? Maybe in the Restricted Zone? I entered www.doubleclick.com in the zone but still get cookies listed as dopey@doubleclick.com. Could I place this in the restricted zone to keep it from getting to my computer or is there another way to do this?

Don't want to go to third party programs to do this because it seems I have to give up more for the little I get.

Thanks

 

Restricted sites simply limits the things the cookie is allowed to do. Doesn't work for keeping them off your PC.

An entry in your hosts file such as the one below won't keep the thing off your PC but will prevent it from functioning to send any information anywhere which basically deactivates it.

127.0.0.1 www.doubleclick.com doubleclick.com

You can also go into tools~internet options~privacy~web sites and enter any you want with instructions to block them. But that only prevents specific web sites from placing a cookie on your system. I'm not positive but I don't think it would stop the doubleclick cookies, for instance, since they are being placed on your PC by sites other than doubleclick.com. If I'm wrong on this, hopefully somebody will set up both straight.

 

dopey--Hello again!
The below assumes you are using IE6.
How to
1) not get cookies, and
2) get rid of them when you do
#1 Lots of methods. You have mentioned "entering www.doubleclick.com in the zone" so it seems you have clicked on Privacy tab|Edit . Now that says that it will block any cookies from URL's entered there. So I am not sure why you are still getting cookies from sites entered. Perhaps you are not entering the URL's correctly, but see my P.S. for another possible explanation. You do not need the www., but I think www. is automatically deleted when you put it into the "Address of Web Site "|Block line. However, you might check that. I am almost sure putting "dopey@" in the URL is not going to work, but you have nothing to lose by trying. Also on the Privacy window before you click Edit, you have the option to set the level of refusing cookies for Restricted sites. The blocking of all cookies from sites entered in the Edit window should override these settings, but it does not hurt to have the slider set at least at Medium High. There is also a fellow who makes it easy to enter several thousand sites to the Edit window Blocking. See IE SpyAds. (And you know the URL will be correctly added, when you use IESpyads.
http://www.staff.uiuc.edu/~ehowes/resource.htm
Arie (Windows BBS Admin.) has recently written a short tutorial on the subject.
http://www.infinisource.com/techfiles/surf-safe.html
And then there is the HOSTS file.
http://www.smartin-designs.com/
http://www.accs-net.com/hosts/
Essentially it completely denies access to the sites entered. The main drawback is that you have to use exactly the right URL to block.
#2 is simple. Use a cookie manager. I personally use Cookie Jar
http://www.jasons-toolbox.com/cookiejar.asp
You can see that it will tell you what cookies you have acquired since the last time you ran Cookie Jar and then gives you the options to Keep (Allow), Delete, or even put into the Banned Jar, so it functions a little like the methods in #1, but only for the future. You have to get the cookie first. It also permits a quick review (under Allowed Jar) of the cookies you now have on your PC and you can delete any of them you don't want.
P.S. IE, under the Privacy tab says it blocks certain cookies, but that is not quite true. IE does not block cookies from "legacy" sites. I will not go into the details, but basically it means if you had a cookie from a site on your PC when you last installed/updated IE, new cookies from those sites may not be blocked in the future, apparently even if you now scoured your PC of all such cookies. Cookie Jar's Banned Jar might help here.
Good luck.
Oh, one other thing. Cookies are .txt files. That's what IE claims it can block and what Cookie Jar spots. There are other nasties that can report back on you when you visit a site that download as .js or sometimes .vbs files. You need Spybot or AdAware to catch them.
EDIT--It took me so long to type the above that Newt long beat me to posting. Maybe it won't hurt to hear some things twice!

 

AFAIK, doubleclick cookies are served by doubleclick servers and, therefore, blocking third-party cookies should be sufficient to prevent 'em (unless you happen to visit doubleclick's homepage!).

More than you ever wanted to know!

 

Hello dopey,

I use IE's restricted site to enter cookies that I don't want on the HD. Jim outlined the how to very well.

No need to put in www - IE will place an asterick in front of the entry, known as the wild card indicator. That takes care of any variation in front of the entry.

Example: enter doubleclick.com - ends up being *.doubleclick.com

Do not like using the Hosts file for this purpose, has the potential of keeping the user out of domains, when all you want to do is just keep the cookies out.

Regards - Charles

EDIT: Newt, I can't post here if I enable 3rd party cookie blocking.

There are some sites that will "drag" you thru doubleclick's servers on a backtab for instance. So if there is a Hosts entry for it, can't backtab.

 

dopey--It just occurs to me that maybe you entered www.doubleclick.com in the Internet Options|Security tab|Restricted sites|Sites window| in the "Add this Website to the Zone" line, rather than in the Privacy tab|Edit window. The former, indeed, will not block cookies, but only, as Newt as said, restrict the performance of the site on your PC. The latter is indeed supposed to "block" cookies.
What brett has said is quite correct, but unfortunately the "legacy" situation may overrule the supposed "third party" blocking.
Again all this assumes you run IE6. IE5 does not have the Privacy tab.

 

Jim,

I assure you that in the restricted tab, where I've entered a LOT of cookies to be blocked, they do indeed get blocked. Have never entered anything into the privacy tab area, so don't know 1st hand what that does.

Don't remember if IE5.5 had a pivacy tab or not, but it does have a security tab and was just as good as IE6.0 at blocking cookies in this fashion.

Regards - Charles

 

Hi all

Forgot to mention I've got 5.5. I scanned your posts long enough to see that I'd forgotten. Now gotta go back and read them. Thanks.

 

Hi again

Very good reading. Thanks a heap for the info.

Decided against using hosts. The cons are more troublesome than the worth.

SpyAds sounds good but there's all that uninstalling and reinstalling.

WelshJim: CookieJar: It lets me see what cookies I have on comp and gives me a choice to keep, delete, or ban. If I ban them, then delete them, will it continue to keep them off my comp? How exactly does it work? Since you use it I figure you could give the scoop. I'll read about it later.

Thanks also for the links. Between the reading there and the replies here, it helped put it together for me.

Charlesvar: If placing the .doubleclick.com works in the restricted site of IE5's security, thats all I really need. Thats what I was asking to begin with, just forgot to post I'm using 5.5 instead of 6. I see the same cookies over and over again and just want to put a stop to specific ones, the crappy ones.

Newt: If placing the cookie in the restricted sites only limits what a cookie can do but still places it on my comp, does it at least stop the cookie from reading info about me and sending that info back to its origin?


Thanks everyone for the replies.

 

Newt: If placing the cookie in the restricted sites only limits what a cookie can do but still places it on my comp, does it at least stop the cookie from reading info about me and sending that info back to its origin?

Maybe. Depends entirely on if the cookie sends info back in a manner you have blocked for restricted sites or not. Also probably depends on how your firewall is set if you run one.

Re: hosts file - in general I don't tend to put much stuff in there because as noted, you won't get to any site if you have them matched with 127.0.0.1. But in the case of sites like doubleclick.com that I am sure I have no desire to visit, not a problem.

As to 3rd party cookies being needed to post here, ????

I have this site set as a normal 'internet site' at home and I don't remember ever allowing 3rd party junk from here. Maybe I did but I certainly don't remember it.

 

Newt,

I have a big hosts file. If ever I want to go to a site that's restricted in the hosts file, eg. doubleclick.com, I get its IP address from here, and paste it over the name of the website and then it's accessible.

lee

 

Hi Newt,

*As to 3rd party cookies being needed to post here, ????*

This thread got me to revisit this issue. Turned out not to have anything to do with IE, but with ZA PRO. There is an option to not allow 3rd party cookies regardless of whether they have "privacy" policies or not. So its just a blanket blocking of any 3rd party cookie. Thats what I had to turn off. And not for this site. Have it on right now.



Dopey,

Doubleclick uses .net domain as well. So it has to be two entries for doubleclick: doubleclick.com and doubleclick.net

Regards - Charles

 

charlesvar--

I do not mean to be argumentative, but what the Restricted sites |Sites window reached from IE6's Security Tab says is "All web sites in this zone will use the Zone's security settings ". Those security settings have to do with Active Scripting, Java, ActiveX, but not with blocking cookies. Now, of course, MS does not always mean what it says, and vice versa, but (once again, to accept what MS says) to block cookies in IE6 you have to use the Privacy tab slider or enter a specific site into Managed Sites (clicking on Web Sites|Manage).
dopey does not have the Privacy tab, though I seem to remember there was a Block Cookies setting (perhaps on the Advanced tab??) in IE5.5.

 

dopey--

How it works, I cannot say, since I did not write the program.
But if you see a site's name in the Undecided Jar, the site has put a cookie on your PC and the buttons to the right let you Delete it (when you first highlight the name), put it into Allowed Jar or put it in the Banned Jar.
Once in the Banned Jar, Cookie Jar should no longer allow cookies from that site to download to your PC. But you do not Ban and then Delete. Just highlight and click that you want the cookie sent to the Banned jar. The name will disappear from the Undecided Jar and now appear in the Banned Jar.

 

Hi Jim,

Let me describe what happens on this site for instance.

First, I have no sites - meaning domains - in either the restricted or trusted zones.

This site, when first brought up, will have the internet logo on the lower right hand corner. If I go to one of the boards, right now IE/OE, this sight wants to download an ad server cookie. When IE blocks it, the restriced symbol - red sign with white bar - appears next to the internet zone whose label changes to Unknown Zone (mixed). The ad server cookie gets blocked. I can even see it happen in the cookie stream of the privacy report - "blocked" next to this cookie: www.infnisource.com/adserver/adlog.php - the way I entered it was infinsource.com = *.infinisource.com after IE adds the wild card indicator.

So the path that I'm using to block this cookie is: security tab > restricted sites > sites - in the second panel > restricted sites dialog box > "add this website to the zone" in the form that was discussed above: w/o the www.

In the privacy tab, I don't see any specific blocking ability, only blanket coverage per zone. In the advanced - on mine greyed out, because I haven't ticked the "override" option. The slider is set at medium, which I think is the default.

It might be that MS didn't envision it's use this way, but it works. It also worked on IE5.5 on WinME. No "Privacy Report" option of course in 5.5

In the bottom panel under the privacy tab, that seems to a choice of allowing all cookies from www.widowsbbs.com or blocking all cookies from www.windowsbbs.com. Perhaps I'm mistaken.

Regards - Charles

 

I've put a few cookies in 5.5's restricted site and so far its doing pretty good. Of course one day isn't enough of a test so I'll see how it goes. Cookie Jar sounds pretty good. If IE won't cooperate it'll make a fine backup. Thanks for all the responses.

 

Hi John - really don't want to address anyone as dopey

This methodology is a carryover from 5.5, which did not have a privacy tab. So when I got XP and IE6.0 along with it, just carried on with the way I did it on WinME.

I'm going to experiment with the privacy tab the next time I have a cookie to block.

What I rely on to tell me if I have a tracking cookie on the HD is Ad-Aware & SpyBot. Then make the decision whether to add it to the restricted zone or not.

Regards - Charles

 

Hi Charlesvar - dopey is my wife's idea, her favorite dwarf

SB and AAW is what I use also. I noticed that they blocked the same cookies all the time and that prompted me to start this thread. Find a way to block them so I wouldn't have to be pestered with the same persistant cookies all the time. I didn't know if the restricted zone could block a cookie like it does a web site so I asked. Thanks for the response. Much glad to know that I didn't have to type the www each entry.

 

charlesvar--

Hey, whatever works, works. But do not forget that infinisource.com is third party when you are on a windowsbbs.com site. So it may be the third party status (Under the Privacy tab) that is doing the blocking, even though windowsbbs and infinisource are related, corporately.

P.S. I know dopey's real name. Bashful told me.

 

Hi Jim,

Just to pick a nit

The 3rd party cookie is blocked if no privacy policy or the privacy policy is "wrong ". When the slider is set to medium, IE will accept the thrd party cookie if the privacy policy passes muster. Besides which, prior to adding the cookie to the restricted zone, it downloaded, and the privacy slider was set the same way.

In one of my previous posts, I wrote to Newt that I couldn't post here if I blocked 3rd party cookies. That blocking I did with ZAP, not IE, and that no longer happens; it doesn't happen because I now block it with IE. The inference is that with using IE to block this way, to the site, everything appears normal. Have experienced that with all sites that dispense any cookie thats in that restricted zone. Hope this is all clear

The next time I add a cookie, Ill try it in the privacy tab.

Run 2 OSes and forget what process does which

Regards - Charles