Note: My Web pages are best viewed with style sheets enabled.
A cookie is a small package of data describing your Web-surfing activities. When you request a Web page, you send a message to the page's Web server. The server returns the files needed by your browser client to display the page. Before those files are sent, however, the server sends some header messages describing those files. Those messages might include one or more cookies, each of which contains the following data:
.yahoo.com TRUE / FALSE 1273769119 PL V=1.1&d=JcW2MLFRMreis interpreted as follows:
|domain||.yahoo.com||Because the specified domain begins with a period, the cookie applies to all domains with any prefix and this ending (e.g., www.yahoo.com, news.yahoo.com, finance.yahoo.com).|
|flag||TRUE||All cookies with domains beginning with a period have TRUE, and all cookies with complete domain specifications (not beginning with a period) have FALSE. This aids in interpreting the domain.|
|path||/||Here, the virgule (/) indicates that the cookie applies to all files in the domain. If the path were /working, then the cookie would apply only to Web pages in the directory named working. If the path were /internet/cookies.html, then the cookie would apply only to the Web page in that specific file.|
|secure||FALSE||The cookie may be used with unsecured Web pages. TRUE would restrict the cookie to only secure pages.|
|expiration||1273769119||The cookie expires on 13 May 2010 (1273769119 seconds from 1 January 1970 00:00:00 UTC).|
|name||PL||The name of this cookie.|
|value||V=1.1&d=JcW2MLFRMre||The value associated with PL. Note that this cookie has two subvalues, each with its own name: The name V has the value 1.1, and the name d has the value JcW2MLFRMre.|
Notice that a cookie does not contain any executable software, just data. The next time you request a Web page for which you already have a cookie, the IDs and their associated values are included in the request message you send to the page's Web server. Thus, the Web server can track your accesses to specific Web pages.
While many cookies are written into your cookies file on your computer's hard drive, some cookies are intended for memory only. These are erased when you exit your Web browser application.
In general, a cookie tracks your request for a Web page and what you do as a result of browsing that page.
I am quite sure you can see other uses for cookies. On the other hand, there are a number of things a cookie cannot do.
You might not be concerned if a supermarket, gas station, public library, or drug store records how many times you enter their facility. But would you be concerned about someone keeping track of how many times you went into a liquor store? If you are a man, would you want someone else to have a record not only of how many times you went into a drug store but also of how many times you bought an ointment for "jock itch" or condoms (and what brands)? If you are a woman, would you want a record of what brand of pregnancy test you bought for cash, especially when your husband had a vasectomy five years ago?
Using cookies to identify you, Web sites can indeed maintain such records. With Internet connections using dynamic IP addresses (e.g., dial-up, some broadband), they might not be able to correlate their records with your actual identity, but they can identify the ISP and even the POP through which you connected to the Internet. With connections using static IP addresses (e.g., some broadband, T1), your actual identity can be determined. Even with a connection using dynamic IP addresses, if you input any identifying information on a Web form, that information can easily be tied to a cookie. Thus, the owner of a Web site can accumulate a profile about your Web-surfing activities and even connect that profile to an actual person — YOU. This is an issue of privacy and controlling information about how you live your own life.
First of all, do not set your Web browser to reject or disable cookies. As described above, some memory-only cookies are needed to navigate through complicated Web pages or to use secure Web pages. Often, Web pages that write cookies will not load if you reject cookies. Also, do not set your Web browser to warn you about cookies. You will soon become very annoyed at having to respond to each cookie.
*** Begin Right Sidebar ***Originally, cookies would be in plain text and found in a file named cookies.txt. However, Gecko-based browsers (e.g., Firefox, SeaMonkey) now save cookies in an SQLite database with the file name cookies.sqlite.
*** End Right Sidebar ***
My solution to this problem involved editing my cookies so that only those remained that I absolutely must have. I then made a back-up of the cookies. Before I start my browser, I copy the back-up over the cookies file, thus eliminating any cookies that I accumulated from the prior browser session. This makes all new, unwanted cookies memory-only. While I could refresh my cookies manually, I created a simple script to do this.
It is important to recognize that memory-only cookies persist until your terminate your browser. Thus, if you visit a Web site and enter data on a form, you might want to terminate your browser after you leave that site, thereby limiting the accumulation of data from memory-only cookies.
This should prove effective in defeating even DoubleClick's tracking of who views its advertisements across unrelated Web sites.
But what about the cookies that you want? You do get stock quotes from YeeHaw and you frequently request technical help from various software developers. I handle this situation as follows:
The next time I start my browser, I refresh my cookies from the new back-up. When I them request that Web site, the new cookies will be sent with the request. I have to remember that cookies do have expiration dates, although some expire only after many years. Thus, I might have to renew certain cookies and again create a new back-up.
Newer browsers contain cookie managers. I use SeaMonkey, whose cookie manager has the following features:
These features are generally found in Gecko-based browsers.
Other software may also establish cookies files. As with Gecko-based browsers, the files might not even be named cookies.txt. In some cases, it appears that the files are related to "live update" capabilities that automatically download and install upgrades to the software setting the cookies. (Both for security reasons and also because I want to maintain a log of all updates, I always disable automatic updates.)
More information about cookies — including technical details about their structure — is available from the following links:
Information about other links is always welcome.
Last updated 8 June 2010
"Internet" Table of Contents
David Ross home