From: Bob Rankin (bobrankin@MHV.NET)
To: TOURBUS@LISTSERV.AOL.COM
Reply-To: TOURBUS-Request@LISTSERV.AOL.COM
Subject: TOURBUS - 30 June 1998 - Best of Tourbus #3: Cookies
"Cookies"
---------------
.. is the term used for little chunks of data that web servers can
store on your hard drive. Cookies record information about your visit
to a particular site, and can only be read back later by the site that
created them. They are often used to make your web surfing more
personal and convenient, but some people fear that cookie abuse could
lead to loss of privacy.
Cookies Are Good For You
------------------------
More and more sites are using cookies to enhance your web experience and
enable some pretty cool features. The ever popular Yahoo site uses
cookies to help you customize the site to suit your likings. If you
specify that you want baseball scores, political headlines and a handful
of quotes from your stock portfolio, Yahoo will record those preferences
in a cookie. Then each time you return, the Yahoo server will read that
cookie and customize the site accordingly. It's kind of like going to a
restaurant where the waiter remembers your name and knows you like blue
cheese dressing and extra croutons on your salad.
Some sites require that you create a userid and password to login before
you can access certain content, but it can be a nuisance to remember and
enter this information each time you return. By storing this data as a
cookie, you only have to enter it once. Another good use for cookies is
to remember your preference for text versus graphics, or an aversion to
frames.
And if you do any online shopping, cookies make it possible to create a
"shopping cart" into which you can place your selections before checking
out. You can even logoff half way through a shopping expedition and
pick up later right where you left off.
What's in a Cookie?
-------------------
All of this reading and writing of cookies normally takes place without
the user knowing that it's going on behind the scenes. Let's take the
mystery out of cookies by finding out where they live and what's inside
of them. Cookies are stored in a variety of places on your hard disk,
depending on your browser and operating system.
Netscape Navigator for Windows:
See "cookies.txt" in C:\Program Files\Netscape\Navigator folder
Netscape Communicator for Windows:
See "cookies.txt" in C:\Program Files\Netscape\Users\<username>
Netscape for Macintosh uses a file called "MagicCookie" found in
the Netscape folder inside your System Folder's Preferences folder.
With Microsoft Internet Explorer, there's a separate file in the
C:\Windows\Cookies folder for each site that wants to store cookies
data on your computer. The Mac version of Explorer uses a file
called "cookies.txt" in the Cache sub-folder of the Explorer folder,
which is inside your System Folder's Preferences folder.
Once you locate your cookies file, take a look inside with a text editor
and you'll probably be surprised at the number of entries squirreled
away by sites you've never heard of. That's because many popular sites
have banner ads that are served up by other companies such as
DoubleClick and LinkExchange. When you visit the Dilbert website, for
example, you'll get a cookie from DoubleClick.
Each line of the cookies file contains the name of the site that wrote
the entry, an expiration date, and some additional data pertaining to
your visit to a site. Other crumbs of data that may be stored in
cookies include your domain name (the part to the RIGHT of the "@" sign
in your e-mail address), the date and time of your visit, the type of
computer, operating system and browser you have, and a history of the
pages you visit at a specific site. Big deal, huh?
Cookies Are Safe
----------------
It's important to remember that a cookie cannot store any personal data
such as your name, e-mail address or phone number UNLESS YOU PROVIDE
THAT INFORMATION on a form at the site creating the cookie. Further,
the safety features built into the cookies technology DOES NOT ALLOW a
website operator to rifle through the files on your hard disk, or to
look at cookies that were created by other sites.
Remember these important facts about cookies:
- Cookies cannot access personal data or files from your hard drive
- Cookies can only be read by the website that created them
Can Cookies Be Bad For You?
---------------------------
None of the information stored in a cookies file is really shocking in
and of itself, but it's the ability to track the specific sites and
pages you visit that worries some people. Since ad agencies like
DoubleClick have their hooks in many popular sites, there is the
potential that they could surreptitiously gather information on the web
surfing habits of individuals. If this information was sold or
improperly analyzed, it could cause trouble in the wrong hands. Right
now, DoubleClick says they only use cookies to keep users from seeing
the same ad too many times, but some are envisioning more frightening
scenarios.
Could you face the prospect of being denied a job because you visited a
website advocating the legalization of marijuana? Get hit with an
insurance rate hike after visiting an AIDS patient informaton site? Or
find the Feds at your door after browsing through online bomb making
information?
Such prospects seem highly unlikely to yours truly, but privacy
advocates like Jeff Chester of the Center for Media Education see danger
ahead. "We have to keep online marketers out of the cookie jar," says
Chester. "Such Orwellian practices to stealthily track every move made
online and share that information with other companies should be
prohibited."
Others are quick to point out that online services like America Online
and Compuserve have the ability to track the actions of subscribers at a
finer level, and know much more about their subscribers than cookies
could ever reveal to website operators. Armed with your name, home
address, credit card number, and the ability to record every word you
write in the the "Cheatin' Hearts" chat room, one would think the
potential for abuse is much higher, but there is no anecdotal evidence
that it has ever happened, either on AOL or a cookies-enabled website.
Another interesting side note: I've NEVER received a cookie from any
government or military website. I suspect there is an official policy
of the US government which forbids or discourages it.
Tossing Your Cookies
--------------------
If you're convinced that cookies pose a threat to your privacy, and
you're willing to live without the convenience they provide, there are a
variety of ways to block, delete and even totally prevent cookies.
Both Netscape and Explorer give users the option to refuse cookies.
With Netscape Navigator, select Options/Network Preferences/Protocols
and check the box reading "Show an alert before accepting a cookie".
This will cause a popup to appear each time a site wants to create a
cookie, and you'll have the option to accept or refuse the cookie.
(With Netscape Communicator, select Edit/Preferences/Advanced for
cookies settings.) With MS Internet Explorer, you can do the same thing
by selecting View/Options/Advanced and checking the "Warn before
accepting cookies" box. This gives you the option to accept cookies
only from sites you trust, but gets annoying after a while.
Another idea is to make your cookies file read-only. This will prevent
any new cookies from being written to your hard disk, while allowing
cookies to function normally during a single browser session. So you
could still use online shopping sites, but you'd miss out on the ability
to use customization features at sites like Yahoo. Deleting your
cookies file(s) after closing your browser would have pretty much the
same effect.
If you're really serious about online privacy, visit the Anonymizer
website (www.anonymizer.com) and find out how to
make all your web
viewing totally anonymous and frustrate the cookie senders. You can
also download a variety of free or inexpensive shareware programs such
as Cookie Monster, Cookie Cutter and Cookie Crusher that give you total
control over cookies.
Learning More
-------------
If you want to learn more about the technical details behind cookies, or
delve further into the privacy and security issues, visit these sites on
the web:
<a href="http://home.netscape.com/newsref/std/cookie_spec.html">
Cookie Tech Specs - http://home.netscape.com/newsref/std/cookie_spec.html
</a>
<a href="http://www.illuminatus.com/cookie.fcgi">
Andy's HTTP Cookie Info - http://www.illuminatus.com/cookie.fcgi
</a>
<a href="http://www.cookiecentral.com">
Cookie Central - http://www.cookiecentral.com
</a>
<a href="http://www.epic.org">
Electronic Privacy Information Center - http://www.epic.org
</a>
I hope this info helps you to understand the truth about web cookies.
Feel free to pass this along to a friend! See you next time! --Bob
=====================[ Tourbus Rider Information ]===================
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
Copyright 1995-98, Rankin & Crispen - All rights
reserved
Archives on the Web at
http://www.TOURBUS.com
Join: Send SUBSCRIBE TOURBUS Your Name to LISTSERV@LISTSERV.AOL.COM
Leave: Send SIGNOFF TOURBUS to LISTSERV@LISTSERV.AOL.COM
PROMOTE your business on the Internet Tourbus. Reach over 80,000
people in a Net-friendly way. Our sponsors say "It
works!"
Make it work for you - contact BobRankin@MHV.net for details.
Send this copy to 3 friends and tell them to hop on the Bus!
=====================================================================