Manage cookies

From Documentation
Jump to: navigation, search

Does this software delete cookies/cache/history automatically?

This is the most common question we get from our users.

If you also came here with this question in mind, we are happy to say : "yes, yes and yes". The software deletes cookies/cache/history automatically, so it is safe to manage hundreds of accounts inside the software and get away with it.

When we say "cookies", we also mean flash cookies, local storage and session storage.

If you are satisfied with this answer, you should not be wasting time reading all the technical stuff below and just rely on our expertise, because we know everything about cookies, cache and history.

But if you want to learn more about them and how exactly they are managed by the software - please read on.

A bit of theory

We all know that deleting cache/cookies/history is a must when you manage many accounts or post many ads from the same computer/browser or do other things that the websites would rather not let you do. But why is it so important and how exactly deleting helps?

First of all, we need to understand that modern browsers have features that allow Web sites to monitor your actions. For example, suppose you need to create 10 E-mail accounts. You already know everything about IPs (if not, you should read this article), and you change them regularly. However, after a 3rd or 4th E-mail, you get an error page, saying that you shouldn't be creating so many accounts at once. But how did they find out that you already created so many accounts today? Right, your browser tells them. To be precise, the Web site tells your browser to save some information on your computer (in this case - the accounts you already created). And then every time you try to create another account, the Web site asks your browser - "how many accounts did you already create?" Your browser will give an honest answer, and the Web site will decide whether to allow you create more accounts or not, based on that answer. Well, in reality it's a little more complicated than that. But the principle remains the same. How do we circumvent this? Fortunately, all browsers allow you to wipe out everything that websites dared to store on your computer. This function is known as "delete cache/cookies/history". You can find it in any browser, maybe under a slightly different name or names. So, whenever we tell the browser to delete cache/cookies/history, it will instantly remove all traces of our activity that web pages can detect through the browser. Now it will appear as if we just started to create E-mails, and we can easily make some again!

The next question is - why cache, cookies and history? What's the difference and which one does what? Let's find out by taking a closer look at each of them.

Cache

As you may know, a Web page is not a uniform stream of data. It consists of many little pieces - text, hypertext markup (HTML, XML etc.), images, scripts (javascript, vbscript etc), embedded objects (such as Adobe Flash), style sheets and other files. Sometimes, a single Web page that you see in your browser may actually consist of hundreds of different files. So whenever you navigate to such a Web page, the browser needs to load all these little pieces from the Internet to display the Web page. Now, imagine how much time it would take if the browser was actually going to hundreds of different locations on the Internet just to load a single Web page. Fortunately, every browser has a so-called Cache that helps speed up things. Whenever a browser loads one of these little files from the Internet for the first time - it is instantly stored in the cache on your hard drive. Next time, there is no need to load it from the Internet again. Easier and faster is to get it from the cache on your computer.

So, how can this Cache feature be used by the websites to monitor your activity? The answer is - THERE IS NO WAY. Cache can't be accessed from outside the browser. It is invisible to the websites and they can't obtain any information about the cache or from the cache. There is simply no way to use cache for monitoring your activity, so you can just forget about clearing the cache - it won't help.

You can easily check this and see for yourself. Go to the folder of your browser where the cache is kept. For Internet Explorer, it will be under %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5, for Firefox - under %USERPROFILE%\Local Settings\Application Data\Mozilla\Firefox\Profiles\*.default\Cache, other browsers may use different locations. If you check the files in the cache - you will see that they are just an exact byte-to-byte copy of the original file downloaded from the Internet. There are no personal data or other information stored in the cache. Just the copies of the Web pages, images, stylesheets and scripts.

History

Every browser has this, if you open the history window in your browser, you will see the list of links to the websites that you visited recently. Every time you open a web page, the browser stores the corresponding link along with the time stamp. You may also have noticed that visited links are shown in different color (usually purple). This is related to history. When the browser displays links on your web page, it queries history database to see if those links have been opened recently (by comparing today's date/time with the last date/time of URL access (click)). If URL is found in history and date/time on it is recent - the link is highlighted in Purple color. If not - it is displayed blue.

Can this info be accessed from outside to track your actions? Absolutely not. The browser will not tell any website anything about the history. The history is managed by the browser alone and there is no access to it from outside. When you see purple links in your browser - only you can see that they are purple, the website can't. So the history also cannot be used to monitor your activity on the Web.

Cookies

Here comes the most interesting part. Cookies ARE used to monitor you. When you open any Web page, it is allowed to save any information on your computer, and then read that information whenever it wants (well, provided that your computer is on and that you are navigating to that page, otherwise it can't). Here is how this feature is usually exploited. When you open a particular Web page for the first time, it reads cookie XXX from your computer. If nothing was read, the page concludes that you open it for the first time and stores something under the name XXX, for example a number "1". Next time you open this page, it reads XXX again and sees that it is set to "1". Now it is clear to the page that it has already been opened on this computer. It increments the cookie and now stores "2" under XXX. This way, every time you navigate to this page, it knows precisely how many times it has been open on this computer. It is possible to store any kind of information along with the cookie, for example - exact dates and times when you visited the page, your account login/name (if you are authenticated), the information you submitted to the website etc.

Every cookie has a name, value, date, and some other technical info attached to it. As you can see, it is pretty easy to take advantage of this feature to monitor your actions, so if you want anonymity - cookies are the first thing to take care of.

Today we have different flavors of cookies. For example, flash cookies is a feature supported by Adobe Flash player and works almost the same way as traditional cookies, with the exception that additional actions must be taken to clear them (the standard "clear cookies" feature available in the browsers do not work for flash cookies). So sometimes websites try to take advantage of this.

Another flavor known as Local storage and Session storage. Some may argue that local storage is not exactly cookies, and technically it is correct. But practically, local storage does the same - allows websites to store arbitrary information on your computer and then read it. This beast is a native browser feature, so usually browsers clear them along with the traditional cookies.

How is this managed by the software ?

Now it's time to confess. We lied. In the beginning of the article we said that the software deletes cookies/cache/history. Well that's absolutely not true. What the software actually does is much much better than just deleting cookies/cache/history.

Let's just take another example. Suppose you have 10 different E-mail accounts (but from the same origin, let's say, Google Mail). You are a very advanced user and know everything about IPs, cookies, cache and history. You know that it is absolutely retarded to log in to these 10 E-mail accounts from the same browser on the same IP address. And yes, you are absolutely right. So you log in to account #1, do what you need, then log out, change IP, remove cookies/cache/history and log in to account #2. Do what you need, log out, change IP... etc etc etc. This way, Google will never be able to find out that all these 10 accounts are in fact operated by a single person. So far, everything looks perfect. Now, suppose you need to log in to these 10 accounts every day. You follow the same pattern - change IPs and clear browser for every account. Looks good, BUT... If you were Google, wouldn't you be a little curious WHY the same exact E-mail account is accessed from different computers every day? Technically, if Google is not able to read it's cookies from your computer (and it cannot, because you erase them), it looks to Google as if a new computer is used on every account log on. Suspicious, isn't it? Furthermore, once you cleared cookies, Google will sense that in fact Google web page was NEVER opened on this computer, which is even harder to believe, provided that Google is the most popular search engine today. You may argue that these things are of minor importance and almost no one today cares about them, because the "delete cookies" approach still works. For today, you are probably right. But I wouldn't be so sure about tomorrow, and it's always nice to be ahead of time...

So, wouldn't it be better if we could just keep a separate browser for each account, so we do not need to remove cookies every time, but instead "lock" cookies to their corresponding accounts? This way, Google would be seeing us as a returning customer, which is much more natural compared to the example above, where we every time appear as a new person with a new computer, but logging into the same account. Of course, we would have to make sure that we have separate browser for each account, and do not log in to any of the accounts from the other browsers. I hope we could make it clear that such approach is much better than clearing cookies every time. However, if you manage 100s of accounts, it is hardly feasible with just a regular browser like IE or Firefox. You just can't have 100 of different Firefox'es with its own set of cookies, and even if you found out a way to do this - it would be a nightmare to manage.

Fortunately, our software is able to automate this completely. Instead of clearing the cookies every time, it stores them together with the corresponding account. And every time it logs in to that particular account - the software uses exactly that set of cookies. So to Google, it looks like you never even logged out of the account. It appears as if you turned on your computer after a while and started your browser, which is the most natural thing to do. The software is very careful not to intermix the cookies and to ensure that cookies for account X will never be used to access account Y. You can easily make sure of that by right-clicking any account in the software and selecting "Cookies" from the drop-down menu. You will see that each set of cookies is unique for each account.

Local storage items are managed the same exact way, and you can check that by right-clicking any account in the software and selecting "Local storage" from the drop-down menu. Session storage does not require any special treatment, because it is valid only until browser window is closed (i.e. for a single browsing session), so it is not possible to use session storage for tracking.

Flash cookies are not managed at all - they are simply disabled. From the perspective of the website, you just do not have Adobe Flash player installed on your computer, or have it configured in such a way that cookies are disabled. Most websites take this for granted.