This material was developed with funding from the
National Science Foundation under Grant # DUE 1601612
Congrats you have collected your fourth cookie of Level 1. Congrats you have completed Level 1.
Because the data in cookies doesn't change, cookies themselves aren't harmful. The risk of cookies is in their ability to track individuals' browsing histories which can pose a privacy and security concern.
With the successful completion of Level 1 you continue to the next level but be aware that the cookie thief is rapidly approaching you as well.
Congrats you have collected your first cookie of Level 1.
Cookies are small files that contain small pieces of data — like a username and password — which are stored on a user's computer. Cookies are exchanged between a user's computer and a web server to identify specific users. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. The name "cookie" comes from "magic cookies," coined by web browser programmer Lou Montulli. The term refers to packets of information that are sent and received without changes.
Level 1 Complete!
Persistent cookies remain on a computer indefinitely, although many include an expiration date and are automatically removed when that date is reached. Persistent cookies are used for two primary purposes: authentication and tracking. Authenticating cookies track whether a user is logged in and under what name. Tracking cookies track multiple visits to the same site over time.
Session cookies are used only while navigating a website. They are stored in random access memory and are never written to the hard drive. When the session ends, session cookies are automatically deleted. They help the "back" button or third-party anonymizer plugins work to help maintain user privacy.
Oh no! Click the cookies not the monsters
Congrats you have collected your second cookie of Level 1.
In general, cookies come in two types: session and persistent.
Congrats you have collected your third cookie of Level 1.
Third-party cookies are generated by websites that are different from the web pages users are currently viewing. Third-party cookies let advertisers or analytics companies track an individual's browsing history across the web on any sites that contain their cookies. Some third-party cookies may be zombies. Zombie cookies are permanently installed on users' computers, even when they opt not to install cookies. They also reappear after they've been deleted. Like other third-party cookies, zombie cookies can be used by web analytics companies to track unique individuals' browsing histories.
A hacker has been up to no good and has been adding third party cookies to websites and collecting them once they contain tracking, sensitive, or personal information. Your mission is to collect up all the cookies he has been using to stop this cookie collecting monster. Then use the clues on the backs of these cookies to determine which monster is the hacker.
To begin enter your name.
Congrats you have collected your first cookie of Level 2.
To see what cookies are used on a website you will need to check how to do this within your browser.
For Chrome, click Settings and under "Privacy and security," click Cookies and other site data. Click See all cookies and site data.
For Safari, right click on the web page, then go to Inspect Element. This will open the developer console. From the console go to the Storage tab and expand the Cookies drop-down to see the list of the cookies that the website uses.
Congrats you have collected your second cookie of Level 2.
Congrats you have collected your third cookie of Level 2.
Cookies can be hijacked when a user session is taken over by an attacker. A session starts when you log into a service, for example your banking application, and ends when you log out. The cookie hijacking, also known as session hijacking, attack relies on the attacker’s knowledge of your session cookie. If hackers can access your computer or your network, they can probably steal your cookies by using a Firefox extension called Firesheep. Firesheep uses a technology to detect and copy cookies that are sent over a wireless network. As the extension discovers cookies, it creates a list on the hacker’s computer. They can then simply click on the cookies, and the server is then fooled into treating the attacker’s connection as the original user’s valid session.
Congrats you have collected your fourth cookie of Level 2. Congrats you have completed Level 2.
One way to limit your exposure to hackers stealing your personal information is to actively manage cookies, clear cookies on a regular basis, and never store credit card information on a site. Deleting cookies does have one drawback however – you will have to re-enter passwords and personal information each time you logon to a website. This may be inconvenient, but it is also safer.
Level 2 Complete!
Now that you have studied the clues, click to choose the suspect you feel is the cookie hacker from the lineup below.
Click the suspect below.
Now that you have collected all the cookies put out by the hacker, look at the cookie clues you have collected and piece them together to see if you can determine which of the monsters is the hacker. To see the clues, click on each cookie and the clue will open. Review all 8 cookie clues before making your selection.