Cookies, Love 'em, Hate 'em, or Something in Between.
Cookies have become a topic of discussion these days. I have done a bit
of research, and hope the sites that I have listed are helpful in making the decision
about whether you love, hate, or are ambivalent to cookies. Used properly, they can be of
some benefit. There are some indications of potential dangers though.
I have tried to maintain the theme of learn, then decide for yourself.
Please let me know If I fail in that respect.
Contents
What is a cookie?
"A cookie is a small file stored on an individual's computer
allowing a site to tag the browser with a unique identification. " from the Vanderbilt
site. There's more to it than that though. A cookie is information your browser stores to
remember preferences, where you have been on a site, or other things. The information is
available only to the site that set the cookie, with the caution that there are some ways
for other sites to get information detailed in the Doubleclick example
further on in the discussion.
According to an article written by Paul Bonner for Builder.Com on 11/18/1997:
"Lou Montulli, currently the protocols manager in Netscape's client product
division, wrote the cookies specification for Navigator 1.0, the first browser to use the
technology. Montulli says there's nothing particularly amusing about the origin of the
name: 'A cookie is a well-known computer science term that is used when describing an
opaque piece of data held by an intermediary. The term fits the usage precisely; it's just
not a well-known term outside of computer science circles.'"
Thanks Paul!
Cookies are, by default, stored in memory, and last only as long as the
browser session. There are ways to create a cookie that has an expiration date in the
future. The cookie, with the future expiration date, is stored on a file on your hard
drive. These are the cookies that I will be talking about. Although the memory resident
ones act similarly, they only last till you shut your browser down..
Cookies are found on your machine in a file called 'cookies.txt'
on the Windows machine with Netscape, or as a series of *.txt files in the
\windows\cookies directory if using Internet Explorer. On a MAC, they are 'magic cookies.'
The Netscape 'cookies.txt' file is a text file. You can view the contents with any text
editor. You can also view the *.txt files in the \windows\cookies directory with notepad
or other text editors. I don't know about the MAC.
Cookies work like 'Caller ID' with web sites that use them. While
they don't necessarily provide your name and address, they do provide a unique ID that
allows web sites to track the occurrences of your machine at their site.
[back to top][forward]
Do Cookies Invade My Privacy?
Whether or not a site uses cookies, your browser can provide some
information to them if asked. To see what information your browser can provide a site, go
to the Anonymizer page to see. As
you can see, no personal information is given by your browser.
When you accept a cookie, a bit of text is written to your
cookies.txt file. The information in the Cookie can help sites determine the interests of
their visitors, set preferences for personalization of a site's presentation to you, or as
a marketing tool to track your preferences.
Personal information can be stored in a Cookie, but, in general,
you will have to provide the information to the site. An example is Travelocity. This site gives you unlimited use of
the search facility for lowest air fares IF you join. When you join, your membership
information is written in the 'cookies.txt' file so you don't have to enter it each time
you visit. Since my unique ID could (and probably is) tied to the personal information I
gave them for registration, I'm sure they will be able to track what I do on their site.
This can help them target advertising and promotional offers where they feel they will do
the best. There are other ways this information could be used as well. It pays to be
cautious.
Some of the listed links make reference to DoubleClick, a marketing company that uses cookie
technology to target advertising for it's customers. Each time you visit a site, the
cookie for that site remembers what you did the last time. It makes sure you don't see the
same advertisement over and over. After several visits, your cookie can tell them what
your interests at that site are.[back]
Another site, Imgis, uses
this technology. The intended use is to change ads so you don't see the same banner ad
every time. The difficulty comes into play if the site using Imgis were to provide user
data so they could track you individually. Read this article posted
by Old Salt.
WorldNet uses Imgis for the banner add at the top of the home
page. Look at the document Info, and you may see http://adforce.imgis.com/?adserv|2|789|1|1|Key
Where the image is actually loaded from Imgis' site. When you load
the image from Imgis, they set a cookie to track what adds your browser sees, and change
them accordingly. According to WorldNet's Privacy Policy, Imgis would
not have access to your name, but could only track the cookie they sent to you. This
should make you a bit cautious about giving your name and address to the many sites that
want you to register free. They may not have a similar privacy policy. Connecting the
cookie to your name could have ramifications with respect to your privacy.
On the Vanderbilt
page, there is an assertion that a cookie could somehow search your hard drive for bank
account, credit card, or other financial account numbers. On the other hand, the WorldWide Web Consortium says
no, cookies can't be used that way. Read them yourselves.
There was a story in the Sun Sentinel reporting a German web site
using cookies to search for bank account numbers, invoicing the bank and causing the
computer to pay the invoices. The story said they got $640,000 this way. . I am mildly
skeptical about the facts as reported, based on my perceptions of the press and the
sensationalism typically used by news reporters when talking about Internet related
subjects. Perhaps more will come out on this so we can see all the facts. (Author's note:
A subsequent story (sorry, couldn't find the reference) shows these hackers broke into the
ISP's servers and got the information about customers; The story did not involve cookies)
A recent
development in cookies has reared it's head. According to a recent article in Inter@ctive
Week, Imgis will tie a match code to a cookie which ties an individual browser to a
database of 140 million Internet users to their visits on the Internet. Participating ISPs
will provide the match code to the database. Under the plan Imgis will tie the individual
match code to a user and compare name, address, estimated income, household income and
automobile ownership against an ad inventory to select ads for that user. In addition,
this system could track an individual's visits on participating sites. This is a threat
against privacy on the net unlike any before. So far, GTE and Netcom are alleged to have
signed with Imgis for this service. Both deny contracts exist, and Netcom says they will
not sign a contract citing privacy concerns.
This is one to watch.
[back to top][forward]
Cookies and Viruses
I've never heard of a virus from a cookie. Generally speaking, a
computer has to transfer control of program execution to the file with a virus to allow
the virus to do it's work. In other words, the virus has to execute in order to do damage.
Just sitting on your hard drive they are harmless. Cookies are not executable, so they
can't really do virus type things. BTW, just because I've never heard of it doesn't mean
it has never happened, only that I've never heard of it.
[back to top][forward]
Cookies eat up space on my hard drive
The size of the Netscape cookies.txt files on my machine range
from 1 to 4k bytes. (I have several browsers). My current cluster size (minimum allocable
space) is 16kb. The cookies take up less than the minimum size allocable. Certainly not
large enough to run me out of space.
On the other hand, Microsoft designed IE to create a separate
file for each cookie. The cookie files themselves are small, but my disk drive cluster
size being 16 KB means each cookie takes up at least 16 KB of my disk space; a different
matter altogether. If your cluster size is 32K, then they take up twice as much room.
[back to top][forward]
Do Cookies Benefit Me?
Cookies can be beneficial. The "shopping cart" method
used by some web sites depend on it. The cookie set in these sites allows you to go from
one product to the other, while remembering what you have on you shopping list.
Cookies can hold preferences for you at web sites. Search.com remembers what search engine you last used.
This can be beneficial if you like to use one search engine repeatedly.
A cookie set at a web site may prevent you from seeing the same
ads every time you visit. In fact, depending on what you search for, particular ads may be
presented. Look at how Infoseek uses cookies.
Depending on what you search for, their site determines what banner ads you see. Try
searching there, and see what ads pop up.
[back to top][forward]
How Can I Protect Myself
There are ways to get around cookies. There are applications like
Cookie Crusher, that will prevent
your system from accepting cookies if you don't want them. You can also use the Anonymizer page to shield your system from unwanted
cookies.
After each Netscape web session, you could erase the cookies.txt
file. If you do, the browser will just recreate a blank one for the next time. In IE,
erase all of the files in the c:\windows\cookies
subdirectory. The two '.dat' files wil be recreated next time you run IE.
Some Netscape users advocate erasing all but the first three
lines, and then making the cookies.txt file read only. This way, accepting a cookie cannot
write info to your disk, and the server is not aware. The problem is that cookies can
benefit you at some sites where you can set up preferences. Some news sites only give you
news you are interested in using the cookie file for example. Without the cookies.txt file
they can't do that. Since Microsoft designed IE to create a single file for each cookie,
you can't fix IE this way.
[back to top][forward]
Conclusions
Are cookies good or bad? It certainly depends on who you ask.
Some think it's a plot to track your activities on the Web. Others think they are great
because it enhances their visits to certain web sites. Some people just don't care one way
or the other. Who is right? It's up to you to form your own opinion. There is plenty of
reading out there to help you with that.
Cookies, or not, is a hot topic these days. Whether you love 'em,
hate 'em, or are somewhere in between is a personal thing. My best advice is to read up on
them, and form your own opinion.
[back to top][forward]
Read more about Cookies at:
For specifications on cookies, look at:
For an outlook on Net Privacy:
Better yet, use one of the search engines to get your own list of
sites that discuss cookies. You could use the Find icon on WorldNet's home page or try Search.com
You can get all of these URLs, and more by going to Search.com and searching on Cookies. There are also some
articles on the bakery type of cookies too.
[back to top][forward]
Disclaimer
As far as I know, the information here is correct. Methods of
protection against cookies should be used only if you know what you are doing. The methods
are possibilities, and not necessarily proven. Try them at your own risk. I would
appreciate information about errors. I welcome editorial comments and suggestions. Send
e-mail to Dave Krieps.
Revised 03/22/98
[back to top]
Back Home
