Cookie Audit Pharmiweb.Com
What is a cookie and why are they used?
Cookies or also known as HTTP cookies, web cookies or browse cookies, and are small pieces of data stored on your computer when browsing websites with a web browser. Cookies are used as a reliable means by which web servers can store temporary information on your computer. Some cookies are essential for a website to work, like session cookies, while other cookies are for analysis or advertisement placement of products based on previous website browsing.
A good example of a cookie use would be where you want to place items in a shopping cart. The contents of the shopping cart would be on the webserver in its memory but can only be accessed if you know the unique identifier (typically a series of numbers and letters) of that shopping cart which is stored in the cookie on your PC. This entire process happens automatically without user interaction.
What Type of cookies is there?
First Party Cookies –
these are cookies issued by our PharmiWeb.Com webservers.
Third Party Cookies -
these are not issued by PharmiWeb.Com webservers but other webservers on the internet. Typically this occurs for targeting advertisements or traffic analysis.
Flash Cookies / Local Shared Objects –
flash cookies are created by flash movies. Flash cookies are able to store 100KB which is much larger than a standard HTTP Cookie which is limited to 4kB. When you delete all cookies in your web browser it will not clear this type of cookie because they are stored in a different part of the browser called local storage. To check your flash cookies you can visit the adobe website: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html.
Session Cookies –
these cookies hold a unique Identifier which identifies you as a user. Session cookies allow the web server to tell one user from another.
Persistent or tracking Cookies:
Analytics Cookies – these cookies are used normally at an aggregate level to determine how many users are visiting a page, clicking on an advert or leaving a page early on a site. Web masters use this information to tailor their websites, monitor site activity, or determine how effective an advertisement has been.
Advertisement Cookies -
these cookies are used to keep a track of websites you have visited and then present you with tailored advertisements based on what you have recently viewed. These cookies can carry over between sites. So you might view a particular book on one site and see it advertised to you on another website.
How long will a cookie last?
Every cookie has an expiry date, but this is set by the issuer of the cookie therefore each cookie’s expiry date is unique. Cookies are sometimes set to “indefinite expiry” meaning, they never expire.
Why should I be concerned about cookies?
Cookies affect your privacy, anonymity and security on the web. Your privacy and anonymity is affected when third party companies track your movements across the web and record which sites and/or pages you visit. The usage of this type information may vary but typically it will be for selling on as aggregate statics, advertisement product placement, and/or traffic analysis. Cookies which track you across multiple sites can be seen as spyware by virus checkers and you will be promoted to remove the offending cookies.
Cookies cannot contain viruses as they are just text files and are not executable. Cookies are therefore not a direct security risk. However there are varieties of attacks that can used to gain authorised access to websites.
Cross site scripting attacks and request interception allow hackers to impersonate the user to the webserver. Cross site scripting attacks occur when a hacker is able to comprise a webserver and allows them to harvest your session id. Most modern sites mitigate this type of attack by request you enter your password again when carrying out important changes to the site like changing your password.
Request interception attacks occur when your PC has been comprised by a virus or Trojan or you access the website via unsecure WIFI which harvests you the request details. Once the cookie has been harvested the attack works in the same was as cross site scripting attacks.
Other cookie based attacks occur in faults in the way web browsers handle cookies or if the webserver does not require the cookies to be sent encrypted.
To mitigate threats security threats you should always be on the latest version of security updates installed for your operating system, an up to date virus checker, and the latest version of your browser.
The EU has created a new law (European Directive - 2002/58/EC) which requires all websites to state what cookies they use and to get prior approval to storing cookie data on your computer unless they are essential to the site operating.
Where can I find out more about cookies?
How do I manage my cookies?
All modern browsers allow you to change your cookie settings. These settings will typically be found in the 'options' or 'preferences' menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the 'Help' option in your browser for more details.
Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari
We do not recommend turning cookies off when visiting pharmiweb.com, as this will prevent you from signing in, and using many of the services on the site.
What cookies does Pharmiweb.Com use?
While we take every care to ensure all cookies are listed there maybe however some cookies used by thirty parties which are not listed below:
|First Party (Session)
||Unique identifiers given to each computer and is required for the site to operate correctly.
||Required if you wish to use the site to create a press release, event etc. Also required for job application and CV Search.
|First Party (Session)
||Persist Session to server in the web farm. Expires at end of session.
| First Party (Persistent)
||Used to detect if you user has click yes/no to the noras survey and ensures dialogue will not display again.
||See http://www.noras.co.uk/ for more information. Expires in 8 months
| Google Analytics (a third party cookie)
||__utma, __utmc, __ utmz, __utmb, __gads
|| Aggregate Traffic Analysis
|| • __utma - Google Analytics tracking cookie, expires immediately
• __utmb - Google Analytics tracking cookie, expires in 30 minutes
• __utmc - Google Analytics tracking cookie, session cookie, expires at end of session
• __utmz - Google Analytics tracking cookie, expires in 6 months, 12 hours and 30 minutes
| Quantcast(a third party cookie)
|| __qca, MC, D
||Aggregate Traffic Analysis
http://www.quantcast.com/ for more information.
__qca expires in 26 Years
MC – Expires in 2 years.
D – Expires in 3 Months
|AddThis(a third party cookie)
||These cookies are used by Add This. They track which of the social networking options you use (email a friend, send to Facebook etc). This information is only collected in aggregate form so we can tell which the most popular tools are.
||Expires in 16 Years and 7 months.
|AddThis(a third party cookie)
||ANA_SVC, PHPSESSID, SITAUD, PHPBB3_BKWCZ_U, PHPBB3_BKWCZ_K PHPBB3_BKWCZ_SID, STYLE_COOKIE
||•Expires in 1 Year
•PHPSESSID expires at end of session
•SITAUD expires in 12 Years
|AddThis(a third party cookie)
||LOC, UIT, UID, DI, DIT, UVC, USER_SEGMENT, DT, PSC
||•LOC - This is our geolocation cookie, so our publishers know approximately
where people sharing information are located Expires in 2 months
•UIT / UID - User id and login time tracking Expires in 1 day
•DI / DIT - Date tracking cookies for determining expiration of other cookies Expires in 2 years
•UVC - Unknown usage Expires in 2 years
•PSC - Unknown usage Expires in 2 years
•USER_SEGMENT Expires in 1 month
•DT Expires in 1 month
•PSC Expires in 2 years
Expires 3 in months
|Tynt(a third party cookie)
||Uid, __utma, __utmb, __utmc, __utmz
||Used for SEO optimisation and traffic analysis.
||See http://www.tynt.com/ for more information.
•uid -Expires in 7 months.
•__utma - Expires in 7 Hours
•__utmb - Expires in 7 Hours
•__utmz – Expires in 7 Hours
•__utmc - expires at end of session
|FaceBook (a third party cookie)
||DATR, LSD, REG_EXT_REF, REG_FB_GATE, REG_FB_REF
||Suspected use is to track you are as a Facebook user.
•DATR – Expires in 2 Years
•LSD - Session
•REG_EXT_REF – Session
•REG_FB_GATE – Session
•REG_FB_REF – Session
| Doubleclick(a third party cookie)
||Google’s advertising management cookie.
||•ID expires in 1 Year and 7 Months
•_DRT_ - Expires in 7 hours
|Third Party Cookie
||Allows a user to be recognised within a website so that an invitation to take the ‘NORAS’ survey is only shown to each user once.
||Expires in 90 days