The Cookie Conspiracy: part one

The folks who get paid to write scary stories about online privacy and information rights were at it again today. I was the weirdo eating a sandwich in his car yelling at the radio again during lunch.

Let me explain myself. There was a reporter on NPR today talking about cookies and all the ways that they are used to gather information about you. She didn't go into much detail about how cookies work except to say that they track your activities so that "they" know what your doing. That kind of statement really leaves much to the imagination and can quickly make even the most reserved listener begin to cook up conspiracies. Pun intended.  I'll admit I'm a little biased towards the friendly web developer so it's only fair that I back up my statements with actual facts. 

So my parking lot tirade has prompted a new blog series on cookies!

What's a cookie? 

Microsoft says,

"A cookie is a text string that is included with Hypertext Transfer Protocol (HTTP) requests and responses. Cookies are used to maintain state information as you navigate different pages on a Web site or return to the Web site at a later time."

There are first party cookies, third party cookies, and other types I'll get into next time but for the most part when you visit a website that is using cookies, your computer will receive a one that in essence is nothing more than an identifier of your computer. The analytics software the website developer is using keeps track of what gets clicked on, how long each page visit was, how often the visit was repeated etc. and it does that by identifying the cookie on your computer it gave you upon your arrival. That's it. The cookie contains a specific individual little blurb of code that is meaningful only in the sense that it separates this computer from all the others.

Website owners use that information for tracking trends (trending) in order to help make design and content decisions. So for example as visits occur on my website I can see over time what the visitors do on average when they are there. I do not know specifically that Margaret Jones who lives at 1234 Somewhere street in Ekalaka Montana likes patina collectibles, still watches Murder She Wrote, owns her home, just quit smoking, will be out of the house Tuesday night for Bridge Club, has a credit card and here's the number, and she loves cats.  I do know however that the Home Page at my website is my most popular location for people to enter the website, the blog is 20% more popular now than it was last month, and that no-one is able to find the link to my t-shirt printing website.

Wikipedia says, 

"Cookies are not software. They cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used by spyware to track user's browsing activities – a major privacy concern that prompted European and US law makers to take action. Cookies could also be stolen by hackers to gain access to a victim's web account."

Okay how is it possible that a cookie could give away my web account information? If your computer get’s hacked, the hacker can now change preferences you’ve chosen like a personal Google start page or your Yahoo home page, if they also know your passwords to log on to those services. Now the hacker can change your settings and send nasty chats to your friends, but they probably also have access to your entire computer which is not the fault of the cookie, but more likely your faulty firewall or easy to guess system password.

Do you have passwords to your banking accounts on your computer? Make sure your computer is password protected at the login and if it get’s stolen have those phone numbers somewhere so that you can call the banks etc. Still no-one can drill into your computer through a cookie.

Next in the series I will talk about;

• each common type of cookie
• how they are generally used
• how to manage them 
• how to use them for your own website

Bill Edmonson

Thermal Creative is a website development company in Bozeman Montana that specializes in helping businesses enhance their website performance through beautiful data driven design, superlative programming, user friendly content management systems (CMS), website marketing consulting (SEO and SEM) and email marketing.