Cookie Central

Back about 15 years ago, some nice folks at Netscape suggested that the performance of the worldwide web would be greatly improved by a mechanism that allowed rapid, invisible communication to pass from a user's PC to a web server and back. Thus was born the cookie, and the world changed. Even though this all happened a long time ago, many people still don't understand what a cookie is, even if they've heard the word used in connection with the web or websites. And in a way, that's not too surprising. The original, innocent purpose of the cookie is still there, but it's been hugely subverted and by businesses which really don't want you knowing what they're doing behind your back. This is too small a space to describe how cookies work today, or what information they store, but as a general rule you'd be safe in believing that any site you visit will drop at least one of these little guys and it will then record information about your visit to that site, and subsequent visits, and in many cases, subsequent visits to other sites, as well. A copy of all this will be sent back to that site, when you return, or sometimes, when you visit some other site. Some sites use cookies to store much more information about you on your computer; Sitejabber, for example, stores maybe around forty cookies on the laptop I'm using right now, of which about thirty are records of which sites I've reviewed in the past, and the rest hold bits of information about where I've been and other information useful in some way or another to the site management. This all takes up a relatively small space, as the maximum size of a cookie is 4k, or approximately 4000 characters, and in reality cookies are far, far shorter than that. But they're still using your space, sometimes without your conscious knowledge or permission, and they're often tracking you as you travel around the web and then phoning home. Most common of the cookies you're almost guaranteed to have already, are the ones from Google Analytics, a service which the vast majority of websites use to track their visitors' behavior secretly. These, at minimum, will tell a website which previous site you visited, so for example if you go from a porno site to SiteJabber, the SJ Google Analytics cookie will record that little detail. Another side-effect of Google Analytics cookies is that every scam site and phony Ugg salesman I visit can see I got there from Sitejabber. This data could be used by a scammer to tell whether it's worth posting fake reviews here. Browser manufacturers and third parties have developed various ways to block cookies or modify their usage over the years, but most people are still being tracked without their knowledge because they don't know enough to prevent it. The latest development is a bunch of secret files called a Locally Shared Object, or LSO, also called a "Flash cookie", which can be up to twenty-five times the size of a standard browser cookie and can't even be located or deleted by a standard cookie manager. A website can not only use one of these to store a huge amount of information about your web habits, which it will recover when you revist the site, the LSO can also be used dynamically by a remote website to restore a cookie you've deleted, without you knowing, or create a completely new one. Thus you may feel safe, because you've managed your browser cookies, but in fact an LSO has simply undone your work as soon as you looked the other way. Cookie Central has been around for a long time, and in fact some of the information here goes back not far after the origination of the cookie idea. But it's very useful and well written, and serves as a good introduction to the whole concept of browser cookies. While some of the data is older, the news is up to date, and covers general malware and security issues such as drive-by downloads and viruses. It even has a bunch of interactive pages you can use to create your own cookies, just to see and understand how they work and what they can store. If you want to get a solid grounding in the concepts, give it a try before diving into the deep end of what has become a very complex topic, way beyond anything that Netscape imagined way back when. LSOs are beyond the scope of this review, but you can Google the term for information, and browser extensions exist which will delete them. I'm not aware of anything which allows you to read one, as yet, though. Lastly, most if not all online businesses will tell you that cookies are essential to the future success of the web, which will fail miserably without 'targeted advertizing', thus putting them all out of business, causing floods, earthquakes, plagues of locusts, etc. The more information they get from you, knowingly or otherwise, the more profitable their advertizing becomes. For now, you still have some choice about how much information you hand over and how much support you want to give to online businesses; in the UK (but not the USA) there are now laws inhibiting the use of LSOs without permission, too, but you need to be informed in order to make your choices and understand how to apply them. Knowledge isn't quite the power it used to be, but it's still the best weapon you have.