The Way the Cookie Crumbles

The magazine of the Melbourne PC User Group
The Way the Cookie Crumbles
Ian McDowell

When we access the World Wide Web, the Web invades our computers. Web pages enter volatile memory. Downloads write to hard disks, when we believe they are virus free and give permission. We have learned to open files attached to e-mails only if we are sure they are virus free. But Web site proprietors may write cookies to our hard disks also, possibly without our being aware of this.

Cookies are small text files, say 4 KB, designed primarily to be recognised and quickly identify repeat users of a site. Web sites may read cookie files and write to them. The name is thought to stem from the early pre-virus cookie monster nuisance program that annoyed users who did not feed it a cookie.

Cookies accumulate in ever-increasing numbers, to a maximum of say 300, in our Web browser folders. Additional purposes vary. A cookie may customise Web pages as they appear, in order to do this sort of thing:

greet a user by name
feed back user details when hits are made
record account information or identifications
pass over pages or messages the user does not want
give special sales messages adapted to the user's preferences
remember orders placed but not executed, e.g. if a session is aborted

I n general, at the next access cookies give the server information about the previous access. This may provide a Web site manager with tools to build profiles of users for the purpose of market research.

Web browsers are programmed to permit all this in a manner comparable with the storage of configuration information. Web sites simply seek their own cookies, read the script, and translate it into appropriate action. It is a payback for free e-mail. This makes privacy an issue with cookies, one which has not yet been resolved.

Browsers may be configured to accept or reject cookies, or to give an onscreen option to choose. If we select rejection, we put up with large numbers of warning messages, or the site may not let us proceed unless we accept its cookies. In Internet Explorer 4.x go to VIEW | OPTIONS | ADVANCED and check the box "Warn before accepting cookies". At least this puts us in control.

Code for setting up cookie production by a Web site designer are provided for in the HTML command "Set-Cookie", or in Javascript.

The writer finds it best to enable the onscreen choice to accept or reject any cookie at the time, and to remove the cookies periodically with a program like Cookwash, a cache and cookie washer for Internet Explorer. This clears the cookie files, temporary files, the cache, the history database and certain stored information. The benefit is privacy; the penalty is the need to accept cookie files afresh when asked on a future occasion.

Cookies are not executable programs. At worst they are unwanted invasions, particularly if accepting one is a requirement for proceeding further with a session, say of Internet banking. This is a fairly simple presentation.

For more, a Web search on "cookies" produces a vast amount of discussion, technical information, learned articles and software.

Reprinted from the October 2000 issue of PC Update, the magazine of Melbourne PC User Group, Australia

[About Melbourne PC User Group]