Do Cookies Compromise Security?
Cookies are messages that a Web server transmits to a Web browser so that the Web server can keep track of the user's activity on a specific Web site. The message that the Web server conveys to the browser is in the form of an HTTP header that consists of a text-only string. The text is entered into the memory of the browser. The browser in turn stores the cookie information on the hard drive so when the browser is closed and reopened at a later date the cookie information is still available.
- To collect demographic information about who is visiting the Web site. Sites often use this information to track how often visitors come to the site and how long they remain on the site.
- To personalize the user's experience on the Web site. Cookies can help store personal information about you so that when you return to the site you have a more personalized experience. If you have ever returned to a site and have seen your name mysteriously appear on the screen, it is because on a previous visit you gave your name to the site and it was stored in a cookie so that when you returned you would be greeted with a personal message. A good example of this is the way some online shopping sites will make recommendations to you based on previous purchases. The server keeps track of what you purchase and what items you search for and stores that information in cookies.
Cookies do not act maliciously on computer systems. They are merely text files that can be deleted at any time - they are not plug ins nor are they programs. Cookies cannot be used to spread viruses and they cannot access your hard drive. This does not mean that cookies are not relevant to a user's privacy and anonymity on the Internet. Cookies cannot read your hard drive to find out information about you; however, any personal information that you give to a Web site, including credit card information, will most likely be stored in a cookie unless you have turned off the cookie feature in your browser. In only this way are cookies a threat to privacy. The cookie will only contain information that you freely provide to a Web site.
Cookies have six parameters that can be passed to them:
- The name of the cookie.
- The value of the cookie.
- The expiration date of the cookie - this determines how long the cookie will remain active in your browser.
- The path the cookie is valid for - this sets the URL path the cookie us valid in. Web pages outside of that path cannot use the cookie.
- The domain the cookie is valid for - this takes the path parameter one step further. This makes the cookie accessible to pages on any of the servers when a site uses multiple servers in a domain.
- The need for a secure connection - this indicates that the cookie can only be used under a secure server condition, such as a site using SSL.
Both Netscape and Microsoft Internet Explorer (IE) can be set to reject cookies if the user prefers to use the Internet without enabling cookies to be stored. In Netscape, follow the Edit/Preferences/Advanced menu and in IE, follow the Tools/Internet Options/Security menu to set cookie preferences.
Keeping track of big data trends, research and statistics gives IT professionals a solid foundation to plan big data projects. Here are 15... Read More »Enterprise Storage Vendors
There's a number of vendors that sell enterprise storage hardware or offer cloud-based enterprise storage. View Webopedia's Enterprise storage... Read More »50 Cloud Computing Terms Defined
From planning a private cloud project to finding an online cloud storage provider, Webopedia's A-Z Cloud Computing Glossary will help you... Read More »
- Enterprise Mobility Exchange results show continued growth and emphasis on mobility. CIOInsight breaks down the numbers here. »
- Watch Datamation's editor James Maguire moderate roundtable discussions with tech experts from companies such as Accenture, Dell, Blue Jeans Network, Microsoft and more »
From the widest view, everything that we include under the heading of mobile has irrevocably changed IT's relationship with the rest of the... Read More »Choosing an Enterprise Storage Implementation
When you deploy a new enterprise storage system, you must decide whether to design and build your own storage system or to utilize a cloud-based... Read More »Big Data Analytics Expert Predictions
In this Webopedia Did You Know...? article we look at three big data expert predictions for 2014. Read More »