How does mobile data caching work

The information portal for safe cell phone use

What is tracking

Tracking is used when the behavior of people is observed and analyzed across multiple websites. For example, data collectors are interested in which links they click, which products they buy, which data they enter in forms, and so on.

Combined, this information creates profiles that allow conclusions to be drawn about the interests, purchasing power or personal preferences of users. In order to expand such profiles, people must be recognizable on different websites.

So-called trackers take on this task. At first, it is not possible for users to see whether trackers are integrated into a website. Only special programs make their presence visible.

How does tracking work?

When you call up a website, your browser transmits some standard information to the server on which this page is located. This includes your browser version (e.g. Firefox 82.0), the names of browser plug-ins, operating system version, size and resolution of your screen, which language you have set and much more.

The common browsers also transmit your IP address and the Internet address from which you came to the site. In addition, the browser and web server communicate with each other as to whether you have visited this website before.

This exchange of information actually serves to make surfing easier for you. But data collectors use it to learn more about users on the Internet.

Cookies

Cookies are small text files that the web server stores on your smartphone or laptop. This includes, for example, an identification number, which language you have selected on a website and further information. If you call up the page again, your browser automatically sends the cookie to the web server. As a result, the web server recognizes you and knows that you have already visited the website.

A cookie can only ever be set and read from a specific website. It is therefore tied to an Internet address (domain). If this address is the same as what you see in the address bar of his browser, then it is a normal cookie. Such cookies can only track what a user is doing on that particular page. Such cookies are often necessary for the correct display of the site.

According to a ruling by the European Court of Justice in October 2019, users have to expressly consent to cookies being set when they visit a website for the first time.

Third party cookies

Websites can incorporate elements from other providers without being clearly recognizable. For example, images or advertising banners, buttons on social networks or even just a single, invisible website pixel, called a "beacon" in jargon.

These building blocks from other web servers are called third-party elements. You can also set cookies - or read out existing cookies. In this case, one speaks of third-party cookies. These cookies are not tied to the Internet address that a user has called up, but to a completely different one that he * she never sees.

Some companies have integrated their elements that set and read cookies on hundreds of websites. Every time someone calls up such a page, the third-party provider finds out and can identify the person on the basis of the cookies that are present across the various websites.

Third party cookies can be blocked in all major browsers. This prevents a new cookie from being set. But if one has already been saved, it can still be read out. We therefore recommend not only blocking third-party cookies, but also deleting existing third-party cookies.

Our guides for mobile browsers

E-tags and cache

Browsers work with intermediate stores, so-called caches, in which they can store parts of a website, for example large images. In this way, you can load the content from the cache when users call up the page again. This will make it load faster.

So that a website knows which content it still has to deliver and which the browser can fetch from the cache, an information file is saved for each cache content - a so-called E-Tag. If the page is called up again, the browser sends this E-Tag and the web server can use it to determine which files are already in the cache.

E-tags can also be used for tracking like a cookie. Integrated elements from third parties can also store and read out such tracking e-tags. E-tags can only be deleted by clearing the cache. Most browsers offer this option in the settings. In some browsers you can also deactivate the cache completely. However, websites then load a little slower and you use more mobile data volume.

Browser fingerprinting

The composition of the browser version used, the operating system and version, the add-ons used, hardware, language, security and data protection settings results in an almost unique combination for many users. If you look at all of this information together, you get a unique “browser fingerprint” for every person surfing the web.

Because the browser transmits all this data to a accessed website by default, website operators can recognize users relatively reliably using this fingerprint. Some third-party elements can also read the browser fingerprint. In the Panopticlick test project carried out by the Electronic Frontier Foundation in 2017, 83 percent of all users were clearly identified by fingerprinting.

The Firefox browser blocks some fingerprinting with the "improved protection against activity tracking" function, which is activated by default. In order to recognize trackers that read the fingerprint, Firefox works with the company Disconnect, which keeps corresponding blacklists.

Disconnect continuously collects Internet addresses that trackers set or read. The browser's built-in tracking protection compares every Internet address of third-party elements to which the browser wants to send data with one or more of these lists. If an address is on the block list, not only is the storage of cookies blocked, but all communication to it.

Super cookies

So-called super cookies are known in the world of computers. Another name for super cookies is Local Shared Objects (LSO). These cookies are much larger than normal cookies, they have no expiry date and are often difficult to delete.

There are two types:

  • Flash cookies: In order for them to work, the device must support the "Flash" programming language. As of version 4.3, Android no longer supports Flash by default. But there are ways to install Flash on the Android device anyway. In that case, it is also susceptible to Flash cookies.
  • Local storage cookies: In addition to the cache, there is another location in the browser where websites can store content. Originally also with the intention of being able to load these pages more quickly later. This location is optionally referred to as DOM storage, web storage or local storage. This memory is often used, especially on smartphones, to store tracking elements. How you can delete this memory is solved differently in each browser.

Tracking via browser history

Tracking can also take place through the browser history or the chronicle. Almost all browsers record which websites have been visited by default.

Actually, the browser does not publish this recording to websites. In the past, however, there were methods with which websites could extract information about this recording from the browser. This made use of the fact that the browser of a website reveals which links someone has already visited so that they can be displayed in different colors. This type of "history stealing" (stealing history) has now largely been prevented.

In the desktop world there are many programs that are integrated directly into the browser. For example password managers, clipping tools, antivirus software, browser add-ons or toolbars. They are all potentially able to record all Internet addresses called up. Especially with the toolbars and add-ons, cases are known again and again in which the browser history was recorded and sent to companies and sold.

With smartphones, it is not so easy to integrate an app directly into the browser. On iOS, this is only possible if the Safari browser allows the corresponding app. With Android, special authorizations are required for this. Browser add-ons such as those on the desktop are only available on the smartphone for the Firefox browser.

Prefetching

All major browsers have a "prefetching" function. Translated it means something like "get in advance". The browser checks the page it is currently displaying to see whether it contains any links. If there are links, the browser preloads the pages to which the links lead. If the user actually clicks on one of the links, the underlying website is built up faster.

The browser transmits the standard information to the "preloaded" pages, which it would also transmit to the pages actually accessed. Cookies can also be read. However, not all linked pages are loaded in advance, only those that have been specially marked for this by the website.

Prefetching can send personal information to websites that you have never visited. It used to be quite easy to block the function and thus also the tracking in Firefox. Since August 2020, this option is no longer available in the normal Firefox version, but only in the largely identical nightly version. In Chrome, the function can be deactivated via the browser settings.

Do you already know our newsletter? Once a month we will send you the latest mobile-safe reading tips straight to your inbox. Register here.
#Addon #Browser #BrowserVerlauf #Cache #Cookies #ETag #Tracking
Has information changed or do you have a hint for us on this subject?
Write to us: [email protected]