Difference between revisions of "Cookies"

From SI410
Jump to: navigation, search
(First Party Cookies)
Line 1: Line 1:
 
{{nav-Bar|topics#I}}
 
{{nav-Bar|topics#I}}
  
A cookie is a text file that is sent from a website and uploaded to a user's browser when the user enters the website <ref>Wikipedia: HTTP Cookie http://en.wikipedia.org/wiki/HTTP_cookie</ref>. They allow ease of storing information for websites that require a user to login <ref name="wac">What Are Cookies Website: Computer Cookies Explained http://www.whatarecookies.com/</ref> and ease of navigating a website <ref name="HSW">How Stuff Works Website: "How Internet Cookies Work" http://computer.howstuffworks.com/cookie.htm</ref>. Cookies identify a user using what is called a name-value pair <ref name="HSW"/>. They are assigned set times as to when they will be discontinued. A user can be told when a website sets a cookie and can choose settings that prevent cookies from being implemented. One of the criticisms of cookies, tracking cookies in particular, has been the issue of privacy and whether parties using them can see what sites you have previously visited <ref name="wac"/>.  
+
A cookie is a text file that is sent from a website and uploaded to a user's browser when the user enters the website <ref>Wikipedia: HTTP Cookie http://en.wikipedia.org/wiki/HTTP_cookie</ref>. They allow ease of storing information for websites that require a user to login <ref name="wac">What Are Cookies Website: Computer Cookies Explained http://www.whatarecookies.com/</ref> and ease of navigating a website <ref name="HSW">How Stuff Works Website: "How Internet Cookies Work" http://computer.howstuffworks.com/cookie.htm</ref>. Cookies identify a user using what is called a name-value pair <ref name="HSW"/>. They are assigned set times as to when they will be discontinued. A user can be told when a website sets a cookie and can choose settings that prevent cookies from being implemented. The tracking of cookies poses ethical concerns such as the issue of user privacy and the ability for parties using cookies to see what sites the user has previously visited <ref name="wac"/>.  
  
 
[[File:Ecc.jpg‎|thumb| Examples of cookies]]
 
[[File:Ecc.jpg‎|thumb| Examples of cookies]]

Revision as of 21:38, 6 December 2012

Back • ↑Topics • ↑Categories

A cookie is a text file that is sent from a website and uploaded to a user's browser when the user enters the website [1]. They allow ease of storing information for websites that require a user to login [2] and ease of navigating a website [3]. Cookies identify a user using what is called a name-value pair [3]. They are assigned set times as to when they will be discontinued. A user can be told when a website sets a cookie and can choose settings that prevent cookies from being implemented. The tracking of cookies poses ethical concerns such as the issue of user privacy and the ability for parties using cookies to see what sites the user has previously visited [2].

Examples of cookies


Setup of a Cookie

Cookies are set using a name-value pair. For example, a sample of a cookie used by goto.com:

UserID      A9A3BECE0563982D

In this case, "UserID" is the "name" part of the name-value pair and "A9A3BECE0563982D " is the "value" [3].

Uses

Cookies allow for websites to easily maintain preferences whenever a user logs out of a website and insure that the users preferences are maintained when a user logs back into a site. For example, Facebook uses a cookie to customize its advertisements, products and features to a particular user, maintain the user's privacy and other various settings when the user logs out and alert Facebook when someone tries to get into a user's account or violates Facebook's policies [4]. E-commerce sites use cookies as a "shopping cart". This allows a server to hold on to items that a user would like to purchase while the user continues to shop for other items. If it were not for cookies, servers would have a difficult time retrieving a user's information [2].

Types

Session Cookies

Session cookies, also called transient cookies, are temporarily stored on a person's computer while the user is browsing on the site. This allows the user to move from page to page on the site. The session cookies are not attached to a user's hard drive and do not collect any information about the user's online history.

Permanent Cookies

Permanent cookies, also called persistent, or stored cookies, are not deleted when you leave a website. They allow the site to identify individual users. These cookies allow a site to keep track of and maintain a user's settings or preferences when the user logs out of a website and later logs back in [5].

First Party Cookies

First party cookies have the same domain that a user is currently browsing. For example, if a user is on Amazon.com, the cookie will have the same domain name: Amazon.com.

Third Party Cookies

Third party cookies have a different domain than what is in the user's address bar. For example, a user may be on Amazon.com, but the cookie could have a domain name other than Amazon.com. Third Party Cookies are the subject of debate when it comes to cookies and privacy. Browsers, such as Firefox, Internet Explorer and Google Chrome, by default, allow the use of third party cookies[6].

Zombie Cookies

These are cookies that automatically recreate themselves after a user initially destroys them[3].They are stored outside of allocated cookie storage locations and this allows them to persist after a user deletes their cookies. They can be stored either online or on your computer and because they do not behave like traditional cookies they can be attached to your browser even if you have chosen not to allow cookies[7]. This type of cookie was first discovered at UC Berkley when researchers found they could not delete cookies as they kept returning[8].

Ethical Concerns

Cookies themselves are not viruses, but there have been concerns of privacy on the internet, especially with Third Party Cookies. Cookies of this sort can have the capability to track what other sites a user browses and allow other sites access to a user's information without the user going on to the site and/or give a user's information to another site without the knowledge and consent of the user. Zombie cookies can track users across different browsers used by the same computer because the cookies are stored in places that are common between browsers[7].

There is also the concern that data about a user can be intercepted as the connection between the browser and the user is not encrypted. This would give them access to sensitive cookie data including anything a user has entered them-self into a website, for example filling out a form online[9].

In regards to privacy, a major ethical concern regarding Third Party Cookies, is the ability for them to track a user's frequently visited websites as well as store data and patterns about that user's activity online on various webpages. These functions are often used by advertisers to watch what other sites and products the user is viewing. It is often advised to turn off cookies or only accept cookies from trusted, visited sites. With these sites, cookies help a user who visits the webpage often by remembering their specific information for the frequently visited website. Zombie cookies are also considered a privacy breach as they can be stored right onto your computer and are not removed when a user explicitly expects to do so[8].

Laws Regarding Online Privacy

Europe

In 2002, the European Union made rules regarding the use of cookies. In particular, "the user is provided information about how this data is used" and the opportunity to deny a website from storing their information. In 2009, the European Union amended this law to include giving "a user advanced written notice that a cookie is being placed on his or her device and describes what the cookie is doing" and "obtains the user’s consent to the placement of the cookie before placing the cookie on the user’s device". On May 26, 2011, the European Union set guidelines for websites about using cookies. In order for a site to keep cookies on a user's hard drive, the website must get the consent of the user and gain acceptance [3] [5] [6] [10].

United States

The site of the National Security Agency was caught putting cookies on user's computers that were capable of tracking a user's web activities. [11]

See Also

References

  1. Wikipedia: HTTP Cookie http://en.wikipedia.org/wiki/HTTP_cookie
  2. 2.0 2.1 2.2 What Are Cookies Website: Computer Cookies Explained http://www.whatarecookies.com/
  3. 3.0 3.1 3.2 3.3 3.4 How Stuff Works Website: "How Internet Cookies Work" http://computer.howstuffworks.com/cookie.htm
  4. Facebook Website: Cookies, Pixels, and Similar Technologies: "How Cookies Work" http://www.facebook.com/help/cookies/
  5. 5.0 5.1 About Cookies Website: Frequently Asked Questions http://www.aboutcookies.org/default.aspx?page=5
  6. 6.0 6.1 Open Tracker Website: "Third-Party Cookies vs. First-Party Cookies" http://www.opentracker.net/article/third-party-cookies-vs-first-party-cookies
  7. 7.0 7.1 Wikipedia: Zombie Cookies http://en.wikipedia.org/wiki/Zombie_cookie
  8. 8.0 8.1 Helium Website: "Zombie Cookies: What zombie cookies are and how to delete them" http://www.helium.com/items/1905717-zombie-cookies-what-zombie-cookies-are-and-how-to-delete-them
  9. Cookie Central Website: Frequently Asked Questions http://www.cookiecentral.com/n_cookie_faq.htm#sens_info
  10. Open Tracker Website http://www.opentracker.net/
  11. Dummies Website: "Defining and Dealing with Web Cookies http://www.dummies.com/how-to/content/defining-and-dealing-with-web-cookies.html