[link|http://www.debian.org/|Switch to an operating system that respects your privacy.]
\r\n\r\nCookies. Yes, they're SOP. Some sites (Washington Post comes to mind) fail to work at all if you deny them. Unfortunately, [link|http://galeon.sourceforge.net/|my preferred browser] doesn't allow me to set a "session cookie" preference (allowing state tracking over a single browsing session, but not between sessions). Galeon does provide cookie control (as do Mozilla and Firebird nee Phoenix), and in a two week old configuration I already have 223 sites on my ban list. First time the site tries to set a cookie, I state my preference, from there on out I don't worry about it. First week or so is busy but traffic trends down after that.
\r\n\r\nSpyware. See my first suggestion. Legacy MS Windows basically has few tools to allow you to see what your system's doing, and does an awful lot behind your back. Get that monkey off your back. Yes, there are tools you can buy (that don't tell you what they are doing, and which do an awful lot behind your back) to address this issue. Still nothing like 'ps' and being able to root around in /proc.
\r\n\r\nPasswords: not practicable on most sites, but for things you do want to keep secure, one-time passwords aren't a bad idea.