Cookies-Computer Group Presentation 2004-May 04
While the Internet is a powerful resource and provides users
with many useful and often entertaining things to see and do, it also has its
dark side.
Most people are familiar with freeware, shareware, cookies,
media players, interactive content, and file sharing. What they may not realize
is that some of the aforementioned may contain code or components that allow the
developers of these applications and tools to actually collect and disseminate
information about those using them.
They can track your surfing habits, abuse your Internet
connection by sending this data to a third party, profile your shopping
preferences, hijack your browser start page or pages, alter important system
files, and can do this without your knowledge or permission. The security and
privacy implications of these exploits should be quite obvious and undesirable
on any system or network!
Understanding cookies
Some Web sites store information in a small text file on your
computer. This file is called a cookie.
There are several types of cookies, and you can choose
whether to allow some, none, or all of them to be saved on your computer. If you
do not allow cookies at all, you may not be able to view some Web sites or take
advantage of customization features (such as local news and weather, or stock
quotes).
How cookies are used
A cookie is a file created by an Internet site to store
information on your computer, such as your preferences when visiting that site.
For example, if you inquire about a flight schedule at an airline's Web site,
the site might create a cookie that contains your itinerary. Or it might only
contain a record of the pages you looked at within the site you visited, to help
the site customize the view for you the next time you visit.
Cookies can also store personally identifiable information.
Personally identifiable information is information that can be used to identify
or contact you, such as your name, e-mail address, home or work address, or
telephone number. However, a Web site only has access to the personally
identifiable information that you provide. For example, a Web site cannot
determine your e-mail name unless you provide it. Also, a Web site cannot gain
access to other information on your computer.
Once a cookie is saved on your computer, only the Web site
that created the cookie can read it.
Persistent cookies
A persistent cookie is one stored as a file on your computer,
and it remains there when you close Internet Explorer. The cookie can be read by
the Web site that created it when you visit that site again.
Temporary cookies
A temporary or session cookie is stored only for your current
browsing session, and is deleted from your computer when you close Internet
Explorer.
First-Party vs. Third-Party cookies
A first-party cookie either originates on or is sent to the
Web site you are currently viewing. These cookies are commonly used to store
information, such as your preferences when visiting that site.
A third-party cookie either originates on or is sent to a Web
site different from the one you are currently viewing. Third-party Web sites
usually provide some content on the Web site you are viewing. For example, many
sites use advertising from third-party Web sites and those third-party Web sites
may use cookies. A common use for this type of cookie is to track your Web page
use for advertising or other marketing purposes. Third-party cookies can either
be persistent or temporary.
Unsatisfactory cookies
Unsatisfactory cookies are cookies that might allow access to
personally identifiable information that could be used for a secondary purpose
without your consent.
Your choices in working with cookies
Internet Explorer allows the use of cookies; however, you can
change your privacy settings to specify that Internet Explorer prompt you before
placing a cookie on your computer (this enables you to allow or block the
cookie); or you can prevent Internet Explorer from accepting any cookies.
You can use the Internet Explorer privacy settings to specify
how you want Internet Explorer to handle cookies from individual Web sites or
all Web sites. You can also customize your privacy settings by importing a file
containing custom privacy settings, or by specifying custom privacy settings for
all Web sites or individual Web sites.
Privacy settings only apply to Web sites in the Internet
zone.
To change your privacy settings
1. In Internet Explorer, on the Tools menu, click Internet Options.
2. On the Privacy tab, move the slider up for a higher level of privacy or
   down for a lower level of privacy.
| Select this | To specify this |
|---|---|
| Block all cookies | Cookies from all Web sites will be blocked. Existing cookies on your computer cannot be read by Web sites. |
| High | Cookies from all Web sites that do not have a compact policy (a condensed computer-readable privacy statement) will be blocked. Cookies from all Web sites that use your personally identifiable information without your explicit consent will be blocked. |
| Medium High | Cookies from third-party Web sites that do not have a compact policy (a condensed computer-readable privacy statement) will be blocked. Cookies from third-party Web sites that use your personally identifiable information without your explicit consent will be blocked. Cookies from first-party Web sites that use your personally identifiable information without your implicit consent will be blocked. |
| Medium | Cookies from third-party Web sites that do not have a compact policy (a condensed computer-readable privacy statement) will be blocked. Cookies from third-party Web sites that use your personally identifiable information without your implicit consent will be blocked. Cookies from first-party Web sites that use your personally identifiable information without your implicit consent will be deleted from your computer when you close Internet Explorer. |
| Low | Cookies from third-party Web sites that do not have a compact policy (a condensed computer-readable privacy statement) will be blocked. Cookies from third-party Web sites that use your personally identifiable information without your implicit consent will be deleted from your computer when you close Internet Explorer. |
| Accept all cookies | All cookies will be saved on your computer. Existing cookies on your computer can be read by the Web sites that created them. |
Notes
A first-party Web site is a Web site that you are
currently viewing. A third-party Web site is a Web site other than the one
you are currently viewing. Third-party Web sites usually provide some
content on the Web site you are currently viewing. For example, many sites
use advertising from third-party Web sites and those third-party Web sites
may use cookies.
Some Web sites require cookies; therefore, if you select
a setting that does not allow cookies to be saved on your computer, you
might not be able to view certain Web sites.
When you change your privacy settings, the changes might
not affect cookies that are already on your computer. If you want to ensure
that all of the cookies on your computer meet your privacy settings, you
should delete all of the existing cookies on your computer. When you return
to Web sites that previously had saved cookies on your computer, the Web
sites that meet your privacy settings will save cookies on your computer
again. The Web sites that do not meet your privacy settings will not be
allowed to save cookies on your computer, and might not function properly.
Some Web sites store your member name and password or other personally
identifiable information about you in a cookie; therefore, if you delete all
cookies, you might need to re-enter this information the next time you visit
the site.
Your privacy settings only affect Web sites in the
Internet zone.
You can also specify custom privacy settings for all Web
sites in the Internet zone or for individual Web sites.
To import a file containing custom privacy settings, the file must be
located on your computer. You can download files
containing custom privacy settings from privacy organizations and other Web
sites on the Internet.
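The cookie types described earlier (persistent vs. temporary, first-party vs. third-party) and the compact-policy rule in the table above, as an added example that is not part of the original presentation or of Internet Explorer. The function names, the sample hosts and the two-label "site" comparison are assumptions; a compact policy is read here from the P3P response header.

```javascript
// Added example. Assumption: a "site" is the last two host labels; a real
// audit would use the Public Suffix List (this misgroups hosts under co.uk).
const siteOf = (url) => new URL(url).hostname.toLowerCase().split(".").slice(-2).join(".");

// Parse one Set-Cookie header value into a name plus lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const attrs = {};
  for (const a of rest.filter(Boolean)) {
    const i = a.indexOf("=");
    attrs[(i < 0 ? a : a.slice(0, i)).toLowerCase()] = i < 0 ? "" : a.slice(i + 1);
  }
  return { name: eq < 0 ? "" : pair.slice(0, eq), attrs };
}

// pageUrl: page being viewed. resp: { url, setCookie, p3p } of one response.
function classify(pageUrl, resp, now) {
  const { name, attrs } = parseSetCookie(resp.setCookie);
  const party = siteOf(pageUrl) === siteOf(resp.url) ? "first-party" : "third-party";
  // A cookie outlives the browser session only if it carries an expiry.
  let expiry = NaN;
  if (/^-?\d+$/.test(attrs["max-age"] || "")) {
    expiry = now.getTime() + Number(attrs["max-age"]) * 1000;
  } else if (attrs.expires) {
    expiry = Date.parse(attrs.expires);
  }
  let lifetime = "temporary";
  if (!Number.isNaN(expiry)) lifetime = expiry > now.getTime() ? "persistent" : "expired";
  // Compact policy = P3P response header carrying a CP="..." token list.
  const compactPolicy = /\bCP\s*=\s*"[^"]+"/i.test(resp.p3p || "");
  // Per the table: third-party cookies with no compact policy are blocked
  // at the Low, Medium and Medium High settings.
  const blockedNoPolicy = party === "third-party" && !compactPolicy;
  return { name, party, lifetime, compactPolicy, blockedNoPolicy };
}

// Constructed sample: responses seen while viewing SAMPLE_PAGE.
const SAMPLE_PAGE = "http://www.example.com/flights";
const SAMPLE_RESPONSES = [
  { url: "http://www.example.com/flights", setCookie: "sid=abc123; Path=/" },
  { url: "http://www.example.com/prefs", setCookie: "city=Boston; Expires=Wed, 04 May 2005 12:00:00 GMT" },
  { url: "http://ads.example.net/banner.gif", setCookie: "uid=42; Max-Age=31536000" },
  { url: "http://stats.example.org/px", setCookie: "v=1; Max-Age=0", p3p: 'CP="NOI DSP COR"' },
];

const audit = (now = new Date()) => SAMPLE_RESPONSES.map((r) => classify(SAMPLE_PAGE, r, now));
console.log(audit(new Date("2004-05-04T00:00:00Z")));
```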
To customize your privacy settings for an individual Web site
1. In Internet Explorer, on the Tools menu, click Internet Options.
2. Click the Privacy tab, and then click Edit.
3. In Address of Web site, type the complete address of the Web site for
   which you want to specify custom settings. For example,
   http://www.microsoft.com
4. To specify that you want Internet Explorer to always allow cookies from
   the specified Web site to be saved on your computer, click Allow. To
   specify that you want Internet Explorer to never allow cookies from the
   specified Web site to be saved on your computer, click Block.
Notes
You can view a list of Web sites for which you have
specified custom settings in the Managed Web sites list. To remove a Web
site from this list, and delete its custom privacy settings, click Remove.
When you remove a Web site from the Managed Web sites list, your privacy
settings for all Web sites without custom settings will apply to that Web
site.
Understanding security zones
Internet Explorer divides your Internet world into zones, so
that you can assign a Web site to a zone with a suitable security level.
You can tell which zone the current Web page is in by looking
at the right side of the Internet Explorer status bar. Whenever you attempt to
open or download content from the Web, Internet Explorer checks the security
settings for that Web site's zone.
There are four zones:
Internet zone: By default, this zone contains
anything that is not on your computer or an intranet, or assigned to any
other zone. The default security level for the Internet zone is Medium. You
can change your privacy settings for the Internet zone on the Privacy tab in
Internet Options.
Local intranet zone: This zone typically contains any
addresses that don't require a proxy server, as defined by the system
administrator. These include sites specified on the Connections tab,
network paths (such as \\computername\foldername), and local intranet sites
(typically addresses that don't contain periods, such as http://internal).
You can add sites to this zone. The default security level for the Local
intranet zone is Medium; therefore, Internet Explorer will allow all cookies
from Web sites in this zone to be saved on your computer and read by the Web
site that created them.
Trusted sites zone: This zone contains sites you
trust—sites that you believe you can download or run files from without
worrying about damage to your computer or data. You can assign sites to this
zone. The default security level for the Trusted sites zone is Low;
therefore, Internet Explorer will allow all cookies from Web sites in this
zone to be saved on your computer and read by the Web site that created
them.
Restricted sites zone: This zone contains sites you
don't trust—sites that you're not sure whether you can download or run
files from without damage to your computer or data. You can assign sites to
this zone. The default security level for the Restricted sites zone is High;
therefore, Internet Explorer will block all cookies from Web sites in this
zone.
In addition, any files already on your local computer are
assumed to be very safe, so minimal security settings are assigned to them. You
cannot assign a folder or drive on your computer to a security zone.
You can change the security level for a zone; for example,
you might want to change the security setting for your Local intranet zone to
Low. Or, you can customize the settings within a zone. You can also customize
settings for a zone by importing a privacy settings file from a certificate
authority.
