The author of this page

Privacy On The Web.

What's a Cookie
What's A Cookie? What Purpose Do they Serve? Are cookies a threat to my security? Are you still afraid of the big bad cookie monster (Managing Cookies)? References

Links

What is a Cookie?


A cookie is very simple tool used by most computers to store information that is helpful to have when surfing onto frequently accessed pages or on specialized pages. A cookie1 is rather small bit of information that is stored on your computer’s hard drive. Cookies are usually created while browsing onto particular websites which either require personal information or user specific information.

Cookies have six parameters that can be passed to them:

1. The name of the cookie.
Name of which the cookie will be saved by the client browser.

 

2. The value of the cookie.

Thsi is the variable value of the cookie of the lenght of the text string. Some browsers may have limit to the length of cookie value that it will take.
3. The expiration date of the cookie - this determines how long the cookie will remain active in your browser.

The expiration date/time of the cookie. If the value is not specified or is set to default, the cookie will last for the duration of the time that the browser is operable. Take for instance online banking the cookie is only active for about 20 mins after the last time it was used this is a safety measure for the consumer. Once this time has pasted the cookie then self-terrminates and takes any similar files with it.
4. The path the cookie is valid for

This sets the URL path the cookie can be used in. Web sites taht are not specified by that particular cookie path cannot use that cookie.

The domain the cookie is valid for

This takes the path parameter one step further. This makes the cookie accessible to pages on any of the servers when a site uses multiple servers in a domain.

The host name where the cookie is to be sent back to. You can set can set this feature for each cookie. Make it something like www.peanutsgallery.com or always.com. The domain cannot be to-level domain (.us, .com, .org) or "extended" top-level domain like .co.uk or .ny.us. In addition, this domain must match the domain on which your web server resides. You can set domain to whatever you like, but the client browser will just not accept cookie with invalid domain.
If this parameter is not defined the client browser will use host name that the orignal request was made for.

The need for a secure connection

This says that the cookie can only be used by a secure server.
There is a flag that is sent with the cookie telling that is can only be used over secure HTTP's. Cookies with this flag sent over unsecure connections will be rejected and will not be sent back.


What Purpose Do They Serve?


Cookies serve a multitude of purposes. Firstly, they are a sort of communication system between the web server and a web browser. Secondly, they store information on the sites that one has visited and what he or she has done on that site. They also gather information for the sites demographics. Finally, they make it pssible to personalize a particular page. They making surfing the web vastly more convenient, and here is how.
When we turn on our computers and sign in to either our Microsoft explorer or any other type of Client Server/ Web Browser we receive information from a Web Server that allows our machine to display a certain page. Often times as is the case with any type of e-mail one might have a bit of information is stored the first time we visit the page. We may create an e-mail account the way that we are recognized the next time we enter this page is through the use of the cookie. The cookie sends out a message to the Web server in binary code which tells the server what specification we have preset and also what our user name and password. The server then relays another message back to the browser, in HTTP header format that contains a text-only string, allowing it to display our customized screen and all those annoying pop up commercials that change every time we log on, also due in part to the function of the cookie. Web sites will use cookies to keep track of what ads you have seen and how often you see those ads.
The cookie is like a back road short cut on a long trip home. Without it we would be forced to enter and reenter personal information every time we wanted to check our e-mail. This little bit of information is the source of what make surfing the web fun. Also every time we augment the settings the cookie then stores the new setting and/or requests and allows for easy access at a later time. All the information gathered by the cookie is then stored on your computers hard drive.

Are cookies a threat to my security?


Are Cookies a threat to our privacy? Of course they are not. As was previously stated a cookie is stored on your hard drive for the sake of personalizing certain pages. It is not as if the bit of information in the cookie is being sent out across the web to identity fraud predators. Cookies help store personal information about you so that on returning to that site you encounter a more personalized setting, and not to mention that cookies are not stored for infinite periods of time. So there is nothing to be worried about.
The cookies that are being placed on our computers are not serving the purpose of allowing some megalomaniac, mad scientist to learn about your whole life. They are nothing more than text files that are basically harmless. They are not in any way a type plug-in or program. Some people fear that cookies spread viruses but this is also nothing more than an urban legend, like the guy next door who kills kids that try to get lost balls out of his yard. Cookies cannot spread viruses and they cannot access your hard drive, they are only saved there. This does not mean that cookies are not relevant to a user's privacy and anonymity on the Internet. Cookies cannot hack into your hard drive and send out information about you and all of your personal details. Cookies operate only upon what is given to them. A cookie can only give out information that has previously been stored in that cookie. All information given to a particular site, including home address and phone number, and credit card information will be stored in a cookie unless you have turned off the cookie. So cookies may pose a minor threat to privacy but the cookie will only release that which you have already provide to it.

Are you still afraid of the big bad cookie Monster!?!?


If you still think you are in threat of Identity Theft, then there is a solution. Both Netscape and Microsoft Internet Explorer can be made to not accept cookies if the user prefers to use the internet in such a manor. This feature is nothing more than a security blanket an will more than likely cause more of a hassle than it is worth. The treat to you is so miniscule that there is really no need to utilize this function but here is how you can if you feel the need.

Cookie_Screen

In Netscape, follow the Edit/Preferences/Advanced menu and in IE, follow the Tools/Internet Options/Security menu to set cookie preferences.


 

    References
  1. http://www.sharpened.net/glossary/definition.php?cookie
  2. So what's a cookied anyways?
  3. ABC's about cookies
  4. Do cookies put you at risk of invasion

 

October 20, 2003

Back to top
Send Email To Troy Burks