Re: Cookies for monitoring data use?

Date: Sun Oct 19 1997 - 18:48:26 EEST

Re: cookies...

The following info is from:

More information is available there and elsewhere...

>BACKGROUND: A 'cookie' is a program that a web server can send across the
Internet and deposit on a user's hard drive.
>A cookie is not a program anymore than a plain vanilla HTML file is a
It is just 255 characters of text taht is stuck in a "cookies" file that sits
on your local hard drive, used primarily to save session information between
the times you visit the same site.

>It collects whatever information it is looking for

It doesn't collect anything. It's simply a place to deposit up to 255
characters. A Web server might collect information from you if you supply it
to a site, and the server could deposit some portion of that info into your
own cookies file.

>PROBLEM: Commercial Web pages may invoke this new technology to "assist the
user when the user later returns to the same site".
>May? More like virtually all of the big boys will.

>This data can be used for marketing purposes or any other data collection

Entirely true.

> It is is a serious security risk.

This is entirely untrue. It cannot risk your security any more than in
whatever information you're giving out over the Web to begin with.

>Cookies can be altered to build personal profiles on computer users, track
your Web activities,...


>...steal credit card numbers, password files, and other sensitive data
without you ever realizing it.

The Web servers you visit could accept your credit card numbers or passwords
you send to its site, and it may put that information in your local cookies
file without you ever knowing. BUT -- it's designed so that no other site can
access cookie information deposited from another site. And your credit card
numbers and passwords are no more nor less secure than if you're sending them
out over the web by typing them in anyway.

>SOLUTION: If you use a Web browser, frequently use your file searching tools
and look for the appropriate file below and delete it if found.

What you're doing is removing any possibility for a site customizing or
personalizing information to help you out and present you with what interest
you up front, etc. Most (like, oh say, 99%) of the web servers with designs
on cookie usage are doing so to:

a. enhance the attractiveness of their sites by using them to tailor their
sites to their visitors by making them more useful

b. tracking information internally to get a better idea of what people like
on their site and what they don't like

c. add functionality and simplicity for the Web visitor

Basically, deleting this file is like welding your front door shut for fear
that it is a passageway for unscrupulous people to enter your home. Whether
the door serves a convenient purpose for the people who live there or the
people invited to visit is irrelevant.

Why contribute to the spread of Web paranoia unless you have real grounds??

greg sherwin
systems programmer, interactive content
phone: 415.395.7805 x1490
c|net : the computer network
fax: 415.395.9205

This archive was generated by hypermail 2.1.2 : Tue Jun 05 2001 - 22:40:34 EEST