Cookies are covered on page 207 of the textbook, so I won’t repeat that information here. However, there are a few common misunderstandings related to cookies which need to be cleared up.
Q. Are cookies programs?
A. No, they are simply plain text files
Q. Can cookies store sensitive data such as passwords or credit card numbers?
Q. Can cookies be read by any site?
A. A cookie can only be read by the site that created it.
Q. Can cookies damage a computer?
A. Cookies are not viruses (remember, they are not even programs), so they cannot copy themselves. They cannot access or change other files on your computer.
Q. Why are cookies used?
A. Cookies are used for several reasons:
- To store some of your preferences (e.g. your preferred language).
- To keep you logged in when you select the “Remember me” box on your email or social network login screen
- To identify you as a returning user to the web site.
- To identify you using an individual user using a number.
- To help when storing data about a web site’s users, perhaps for targeted advertising purposes.
Q. Can cookies track you?
A. Yes and no.
Cookies identify web site users with a unique identifier – usually a number. This allows the web site to store data about that user’s visit in a database. For example, they can record how many times you visit the site, the type of web browser you use, the pages you visit, and the time you spend on the site. Search engines can store each search query the user makes. This information is typically collected by companies so they can understand how people use their website, and so they can engage in targeted advertising. But remember – this information is not typically stored in the cookie – it is stored in a database owned by the web site owner. The cookie just provides the unique identification number to identify the user (this acts as a primary key in the database’s user table).
Third party cookies can take things a bit further. Third party cookies are cookies used by people other than the owner of the web site. Advertising companies are a good example. If you go to web site A, and Adverts.com has adverts on that site, they will usually use a cookie to identify you. This is called a third party cookie because Adverts.com don’t own the web site, they just have some content there. If you later visit web site B, where Adverts.com also has adverts, they will use that same cookie to identify you. This means that over time, Adverts.com are able to track which web sites you have visited. Again, this data is collected to understand your browsing habits and enable targeted advertising. This is why some people are concerned about the privacy implications of cookies.
Q. Should cookies be blocked?
A. First party cookies and third party cookies can be disabled separately in most web browsers, and many people disable third party cookies completely because they feel they have no use to them. First party cookies are needed by some sites to work (e.g. those that keep you logged in, such as webmail and social networks).
I like the CS Lite extension for Firefox, which allows you to disable all cookies, then whitelist just the ones you want / need.