1.1 What is a Cookie? A cookie is simply an HTTP header that consists
of a text-only string that gets entered into the memory of a browser.
This string contains the domain, path, lifetime, and value of a variable
that a website sets. If the lifetime of this variable is longer than the
time the user spends at that site, then this string is saved to file for
future reference.
However cookies can be used for more controversial purposes. Each access
your browser makes to a Web site leaves some information about you behind,
creating a gossamer trail across the Internet. Among the tidbits of
data left along this trail are the name and IP address of your computer,
the brand of browser you're using, the operating system you're running,
the URL of the Web page you accessed, and the URL of the page you were
last viewing. Without cookies, it would be nearly impossible for anyone
to follow this trail systematically to learn much about your Web browsing
habits.
So you can be tagged and tracked - without your knowledge or consent.
OK, let's review:
Can you get a virus from a cookie? No.
Can your hard-drive be erased by a cookie? No.
Can certain web-sites keep track of what you do on their sites, and what
you click on while you're there? Yes.
Other cookie resources
(learn your ass™):
Cookie Central
- A site with a ton of information about cookies (nice name - too much
content to be a "central," in my opinion.
Microsoft used to cram cookies... down your throat, let's say. But recently
has toned down their attitude a little, here's
their latest view on cookies: I wish I had their old page, it was
much more "informative."
Melloing out a bit
09/13/00
In an attempt to strive for a little balance. I do want to point out
that cookies in-and-of themselves are not "bad" and do not cause
any harm. All my friends (the ignorant ones at least) think I'm paranoid.
(You would be too if everyone was trying to kill you... anyway).
Browser security settings, by default, are weak or non-existent. TweakCentral
can show you how to change your browser security and privacy settings.
I will let you decide for yourself which approach to take.
I, for example, have two zones: One zone for "trusted sites"
which allows cookies (among other things) and another zone for all other
sites. You may want to try a similar configuration.
How to get rid of the cookies you already have
(IE & Netscape 4.x)
Cookies are stored as plaintext (.txt) files in the following directories:
Windows 2000:
C:\Documents and Settings\username\Cookies\
Windows NT4: C:\WINNT\Profiles\username\Cookies\
Windows 9x (95,98,98 SE, ME):
C:\Windows\Cookies\
You can go through these files and delete them freely.
Keep in mind that if you delete a cookie from a given site, you may have
to "log in" to that site again or set up any custom setting
that site may have made for you.
This can come in handy if a web-site you visit has set a certain setting
for you and you want to change it, for example.
8/30/99 Update: I'll update this page soon
with more information to help you make an informed choice of whether or
not to allow cookies when you're on the web.
Also, Internet explorer 5 has some interesting security features relating
to cookies, so I'll cover those too.
If
you don't want cookies on your computer, here's what you can do (for starters):
If you want to re-enable cookies (if a web-site won't let you access it,
for example) simply go back and select "enable cookies," you
can disable them again when you don't want them any more.
How to stop accepting new cookies
Internet
explorer 5:
Click on Tools | Internet options... Then
click on the Security tab at the top.
Internet explorer 5 uses "Security Zones" to help you manage
your security settings. You can have different cookie settings in each
zone (see below).
The "Internet" zone is where all web sites fall
by default. You can add more zones (See this page)
if you like, but then you have to manually add all sites to that zone.
Modifying the Internet Zone will affect all
sites you haven't assigned to other zones.
To modify the settings for the Internet Zone, click the custom
level button.
You will then be presented with a dialog box with all the customizable
security settings for the Internet Zone. Scroll down to the cookie settings
and set them accordingly.
Click OK a couple times and
you're set!
The problem with this method is that if you want to accept cookies, or
otherwise allow more lax security settings for web-sites that (ugh) require
them, you have to maintain at least two "Zones" (this is what
I do). Trust me, it can be a bit tedious.
But until the web is a safe place and all web-sites you visit can be trusted,
it's the best I can come up with.
In Internet explorer
4:
Go to Tools | Options, click on the Advanced
Options Tab and scroll down and click on the "Disable all
cookie use" button:
In Netscape 4.x,
go to Edit | Preferences | Advanced and then
click on Disable cookies.
Third-party
cookie "cleaner" (remover) software
In my opinion, these programs all into the same snake-oil category
as "net accelerator" software. I haven't tried any of these
programs, but you are certainly welcome to. Related links:
information
Best tweak sites
Tweak
Central "cookies" page
From
Internet
explorer 5:
In Netscape 4.x,
go to Edit | Preferences | Advanced and then
click on Disable cookies.
