Top Lock
Anonymizer.com   Bottom Lock


SUPPORT CENTER:
Anonymizer Privacy Manager
Anonymizer Private Surfing
Anonymizer Privacy Toolbar
Total Net Shield
Anonymizer Dialup
Other Software






Why the Anonymizer uses cookies

We use cookies because they are the easiest and least invasive technology available through which we can provide you with a complete and customizable surfing environment. Any other choice of technology would either put your anonymity at risk or interfere with your ability to browse the web in a robust manner. Read on to find out why. Note however that the discussion is necessarily a bit technical because the subject matter is itself technical in nature. A more general treatment can be found in our Cookie Authentication FAQ.

Why we use cookies for authentication

To provide a customizable environment to our users requires authenticating them in some manner. Using any method other than cookies would be unacceptable:

  • An IP address database
    This method would involve storing a secure hash of your IP address in a database every time you log in. These entries would then be checked by our servers every time a page is loaded to ensure that someone with the client's IP address is in fact one of our users. This method is unacceptable for a variety of reasons. The proliferation of users behind firewalls and cooperative caches means that many users could share the same client IP address -- hence we would be unable to provide everyone with a customizable environment. In addition, users who have "floating" IP addresses would be forced to re-authenticate each time their IP address changed.
  • Basic HTTP Authentication
    The familiar "User ID" and "Password" box popped up by your browser when you access passworded sites is totally unacceptable: it sends your username and password in plain text across the network every time you load a page.
  • Using Digest HTTP Authentication
    Digest Authentication is an improved version of Basic Authentication that sends your password securely to our servers. Unfortunately, most user agents (web browsers) do not yet support this option.
  • Proxy HTTP Authentication
    Like Basic Authentication, Proxy Authentication is insecure; it sends your password across the network in plain text. In addition, using this method would prevent you from using any other proxy that requires authentication at the same time. This would mean that users behind some firewalls would not be able to use our service.
  • Client-side solutions
    Requiring our users to install any kind of software or certificate on their computers would have some serious drawbacks. First, doing so would mean that users would be limited to using the Anonymizer from the small set of computers upon which such software or certification was installed. It would prevent users from using the service while traveling and from any computer to which their access privileges were limited. Second, such solutions tend to be platform or browser specific; there is no way to easily implement such technology so that it will be simultaneously compatible with a wide variety of environments. Third, it would be infeasible to ensure that such technologies could not be used by other people with access to the client's computer. And finally, using client-side software or certification has the undesirable effect of leaving a permanent and obvious trail on the user's computer.

When we verify your username and password via secure form submission to our login page, we issue you an authentication cookie that disappears as soon as you quit your browser. This is what is referred to as a session cookie. You can read about our Cookie Authentication and the content of the cookie itself in our Cookie Authentication FAQ.

Aren't cookies dangerous?

Like many technologies, cookies are both beneficial and potentially dangerous at the same time. We have taken great care to ensure that our use of cookies is both responsible and cryptographically secure. Our cookies are "session-only" which means that as soon as you turn off your browser, they are erased. Your username is the only piece of information about you contained in the cookie and it is encrypted so as to be unintelligible to anyone examining it. In addition, you have our legal guarantee that we do not track, store, reveal, or sell any information about you or your browsing habits.

So what cookies do you set?

Please see our complete list of cookies that the Anonymizer sets.

Contact Us | Terms of Use | Privacy Policy | ©2003 Anonymizer.com