The truth about cookies on the Internet
Created | Updated Jan 6, 2003
There is an awful lot of information out there about cookies, it seems to have become a subject of fear for lots of Internet users who don't understand them or have received mis-information about them.
As a web developer of some years I use cookies extensively to create functionality on my sites so I know all about them and their restrictions.
The Internet was originally designed as a means of publishing information and making it freely available. It as born in the academic community in the US and they used the system to view each others research. Nobody imagined that the Internet would become such a widely used tool for commerce, banking, information and showing pictures of pretty girls without any clothes on.
As things developed the old protocols used to transfer information started to become inadequate. Remember the Internet was designed for freely exchanging information so it made lots of sense at the time to invent HTTP. Yes that little ditty that appears at the start of your web addresses means something. It stands for ‘hypertext transfer protocol’. Unless you’re a dull computer geek like me then really that’s more information than you need but I’m going to give you one more piece of information. HTTP was designed as a stateless protocol. That basically means that the web server neither knows nor cares who you are. All the web pages it has at its disposal are freely available so when it receives a request it simply sends it back. Servers can be very complicated beasts but a web server can be seen as the packhorse of computers. It’s not very bright but incredibly hard working. It does lots of little things very quickly but doesn’t give them much thought.
Now say you then ask for another page, perhaps by clicking on a link on the website. The same process occurs but (as the protocol is stateless) the web server doesn’t know whether you were looking at another page on the same site before this one and it doesn’t care (there is a way of logging referrer pages but trust me on this one the web server doesn’t care). If that’s the case then what happens when you log into a website such as H2G2. Well since the nice guys at Netscape invented them the web server sends a cookie to your browser and then when you return to that website it knows who you are and you don’t have to log in again!
Cookies can be session specific (ie if you close your browser and open it up again the cookie is gone) or the can be persistent (they stay on your computer for a set amount of time). You have total control over which cookies you accept and which ones you reject. If you take a look at the help file for your browser you can get more information on this and there are also lots of websites out there with this information (some more paranoid than others).
When cookies were invented there was understandably a bit of a worry about cookies as it involves transferring files to your computer. Firstly what about viruses? Well, that’s easy enough to get around; cookies were restricted to small text files that cannot contain viruses. Simple!
Secondly doesn’t this allow people to track people over the Internet. Another neat solution, only allow cookies to be read by the same people that delivered them. That means that if www.h2g2.com delivers a cookie to your machine only h2g2 can read it. In fact if a website delivers a cookie from www.h2g2.com/somethingorother/ even www.h2g2.com can’t read it, it has to be www.h2g2.com/somethingorother/.
So how do people track information about what sites you have been visiting? Well this falls to advertisers. They buy space on peoples websites and deliver the ads from their domain. This means when you are looking at a web page with an advert the advertisement can deliver a cookie to your machine and as it is the same domain delivering adverts to many sites (even though you don’t see it in the address bar) it can track which sites you are looking at. It does this to try and deliver appropriate adverts to you that are more likely to catch your attention and be of interest. The important thing to note is that they CANNOT take any information about you that was not given to the website in the first place.
If you don’t want these advertisers to track you then my suggestion is to clear your cookies on a regular basis – that’ll fox ‘em!
There is a lot of worry about cookies that I find hard to understand. There are worse things to worry about on the Internet such as viruses. Viruses can be very malicious little things and can be delivered by websites (often unknown to the site owner) or by email. Computer security is a complicated issue that it is unwise to look too far into unless, like me you enjoy caffeine and late nights a great deal.
There are two things you can easily do to protect your computer. Firstly install a virus scanner and keep it up to date. They aren’t expensive and are well worth the money. Secondly install a firewall.
If you follow the two steps above will be safe from most of the horrors of the Internet. This leaves you free to enjoy what the net has to offer rather than worrying about cookies!
As a web developer of some years I use cookies extensively to create functionality on my sites so I know all about them and their restrictions.
The Internet was originally designed as a means of publishing information and making it freely available. It as born in the academic community in the US and they used the system to view each others research. Nobody imagined that the Internet would become such a widely used tool for commerce, banking, information and showing pictures of pretty girls without any clothes on.
As things developed the old protocols used to transfer information started to become inadequate. Remember the Internet was designed for freely exchanging information so it made lots of sense at the time to invent HTTP. Yes that little ditty that appears at the start of your web addresses means something. It stands for ‘hypertext transfer protocol’. Unless you’re a dull computer geek like me then really that’s more information than you need but I’m going to give you one more piece of information. HTTP was designed as a stateless protocol. That basically means that the web server neither knows nor cares who you are. All the web pages it has at its disposal are freely available so when it receives a request it simply sends it back. Servers can be very complicated beasts but a web server can be seen as the packhorse of computers. It’s not very bright but incredibly hard working. It does lots of little things very quickly but doesn’t give them much thought.
Now say you then ask for another page, perhaps by clicking on a link on the website. The same process occurs but (as the protocol is stateless) the web server doesn’t know whether you were looking at another page on the same site before this one and it doesn’t care (there is a way of logging referrer pages but trust me on this one the web server doesn’t care). If that’s the case then what happens when you log into a website such as H2G2. Well since the nice guys at Netscape invented them the web server sends a cookie to your browser and then when you return to that website it knows who you are and you don’t have to log in again!
Cookies can be session specific (ie if you close your browser and open it up again the cookie is gone) or the can be persistent (they stay on your computer for a set amount of time). You have total control over which cookies you accept and which ones you reject. If you take a look at the help file for your browser you can get more information on this and there are also lots of websites out there with this information (some more paranoid than others).
When cookies were invented there was understandably a bit of a worry about cookies as it involves transferring files to your computer. Firstly what about viruses? Well, that’s easy enough to get around; cookies were restricted to small text files that cannot contain viruses. Simple!
Secondly doesn’t this allow people to track people over the Internet. Another neat solution, only allow cookies to be read by the same people that delivered them. That means that if www.h2g2.com delivers a cookie to your machine only h2g2 can read it. In fact if a website delivers a cookie from www.h2g2.com/somethingorother/ even www.h2g2.com can’t read it, it has to be www.h2g2.com/somethingorother/.
So how do people track information about what sites you have been visiting? Well this falls to advertisers. They buy space on peoples websites and deliver the ads from their domain. This means when you are looking at a web page with an advert the advertisement can deliver a cookie to your machine and as it is the same domain delivering adverts to many sites (even though you don’t see it in the address bar) it can track which sites you are looking at. It does this to try and deliver appropriate adverts to you that are more likely to catch your attention and be of interest. The important thing to note is that they CANNOT take any information about you that was not given to the website in the first place.
If you don’t want these advertisers to track you then my suggestion is to clear your cookies on a regular basis – that’ll fox ‘em!
There is a lot of worry about cookies that I find hard to understand. There are worse things to worry about on the Internet such as viruses. Viruses can be very malicious little things and can be delivered by websites (often unknown to the site owner) or by email. Computer security is a complicated issue that it is unwise to look too far into unless, like me you enjoy caffeine and late nights a great deal.
There are two things you can easily do to protect your computer. Firstly install a virus scanner and keep it up to date. They aren’t expensive and are well worth the money. Secondly install a firewall.
If you follow the two steps above will be safe from most of the horrors of the Internet. This leaves you free to enjoy what the net has to offer rather than worrying about cookies!
