CXO

Cheat Sheet: Cookies

More prolific than Jamie Oliver's recipe books...

So tell us, what is a cookie then?
A cookie is information that any website can put on your PC's hard disk so it can remember something about you at a later time.

Er, that's not terribly technical, is it?
You want techie stuff? OK, the server stores relevant information on the client side (in the client/server computing model) because the page server has no memory of what pages it has sent to a user previously. A cookie records user preferences by using HTTP, the web's transfer protocol.

Sounds intriguing. But are they actually useful to anyone?
They can be helpful when consumers are buying stuff online, remembering who they are and their preferences and other titbits of information they might have supplied the site with. They can also be used to customise pages based on a browser type.

Cookies can also be useful for sites which feature banner ads as they are commonly used to rotate ads the site serves so consumers don't get the same one all the time.

Can I check my cookies?
You can view the cookies that have been stored on your hard disk although the content stored in each cookie may not make much sense. It looks like a small text file, often only just 1KB in size. The location of the cookies depends on your browser. Internet Explorer stores each cookie as a separate file under a Windows directory, Netscape stores all cookies in a single cookies.txt file and Opera stores them in a single cookies.dat file.

This is worrying isn't it? Don't the authorities have anything to say about it?
Most surfers are not aware of cookies residing inside their PCs or what kind of information they contain. So the EU came out with a decision recently saying the use of cookies is banned unless companies have full consent of users and let users know explicitly what they'll do with the information.

And everybody's OK about the EU's ruling?
Far from it. The first one to step forward and complain was the Internet Advertising Bureau (IAB) which claimed the EU's stern decision will cost UK business about £11bn - there are plenty of people who think the cookie ban is a nuisance and misguided.

Are there any security issues I should be worried about?
Microsoft (who else) issued a patch a couple of weeks ago for a hole in its Internet Explorer browser which allowed hackers to access users' cookies. But Microsoft is not guilty alone. The same security glitch plagued Opera but they too patched the hole in their browser pretty swiftly. So there is a browser related security issue.

Do most well-known sites, like silicon.com, use cookies?
Many do, but not always in the same way. We first ask users to choose if they want to download a cookie onto their machine for easy user ID on future visits. Other sites, especially ecommerce and content offerings, also want to know if you've visited them before. What they do with that knowledge is another matter.

Can I keep an eye on all my cookies?
Yes and no. The more you surf, the more you'll have them. Getting a message every time a cookie is downloaded on your machine can drive you crazy - trust us, we've tried it. (A browser like IE can be set up to allow you to reject a cookie every time one wants to be sent.) Should this be a default setting? Does the EU have a point? Such a set-up would probably scare some surfers who wouldn't know what to do if they saw a cookie alert. Maybe the current situation is the best.

Tell us what you think by posting a Reader Comment or emailing editorial@silicon.com

For a complete list of Cheat Sheets type 'CS1' into the silicon.com Search

**Essential Links**
From the silicon.com archive
Opening the lid on the cookie debate
http://www.silicon.com/a49221
Cookies 'banned' by Eurocrats
http://www.silicon.com/a49117
Cookies granted James Bond status
http://www.silicon.com/a48780

External Links
http://www.cookiecentral.com
http://www.junkbusters.com
http://www.eff.org
http://www.privacy.org
http://www.epic.org
http://www.jdrn.com/nacl
(the national anti-cookie league)
CS1

0 comments