What Is a Cookie?
You know, I am tired of misconception that exist about internet cookies. It is getting ridiculous. Some people afraid of something very silly. Back in the Stone Age people where afraid of lightning storms because of a lack of knowledge. They believed that this was an act of God or something. Now you read about this and probably laughing "how silly that is". Well, I am laughing too, when I hear a fear of cookies. Some even call it a security threat, giving some "logical" explanation. With that "logic" I can easily corroborate that driving a car is the most dangerous thing on earth. I'm sure, no one would argue that there is a little danger, but overall it is pretty much safe to drive a car.
Same with the cookies. You can find a danger in the most innocent act of life, but that does not mean you have to be afraid of that. There's no security threat. It is not a bad thing at all. In fact YOU can only benefit by allowing your browser to accept and process the cookies as necessary.
And the worst part is that some programmers being so paranoid, that they truly started to believe in such a little danger. Those idiots are probably confusing innocent people about danger that does not exist. I even fired one programmer just because he said that he always disables cookies on his home computer. How productive that person could be in my business if he has such weird paranoia?So, what is a Cookie anyway?
Cookie is a very small piece of information that is stored by your browser in your computer. It is sent to you by the web site you are visiting, for the purpose of reading that very same piece of information later, when you return to the same site or page. That's all.
No credit cards, no passwords, no other secret or private information is involved here. What can be sent to you in a form of cookie by a web server? Guess what? Something that server already knows about you! So why would you be afraid of that? Web server can not lookup in your computer to read something else. Web server can not even read cookies sent to you by other web servers. Every web server can read only something that this web server already knows, because it stored that on your computer in the past.
It only serves a purpose of identification. Just imagine, you walk into the store, and sales person looks at you and says: "I'm going to call you Bob", then you walk out of the store. When you comeback tomorrow, that sales person remembers you, because he saw and recognize your face. And on internal paperwork that he might have, he would refer to you by name Bob. Now you tell me how would that be a danger to you?
Cookies works almost the same way. If I saw you on the street once, I might recognize you later, and in the mean time if I remember you as "a guy with the hat", then that is not a security threat! Isn't it? Now, if you would tell me your name and phone number, then I could remember that, but cookies has nothing to do with that, because I could (and would) store it internally and not in the cookies.
This actually raises another question, that some so-called "security specialists" are trying to argue. Some of them say that if (1st if) you provide for example login information to a web site and if (2nd if) that login information is stored in the cookies then it could be a security threat, because someone in your house could look in your computer and read that. How stupid that argument is !!! I'm not sure if I should mention all the reasons why that argument is wrong, because this page is already long enough. Instead, I'll just mention a few. First of all, that is not practical, inconvenient and will not benefit web site developer. I think that, is enough to recognize that this would never happen in the real world. Let me bring you analogy: when you are paying with a credit card in a store, that credit card number, as well as expiration date is stored in the credit card machine, and can be easily retrieved by the sales person later. Do you know that sales person can get your credit card number and post it on a bulletin board in front of the store? Yes they technically can do that! But does anyone doing it? No! And I don't have to tell you why this sounds ridiculously silly. Exactly the same way I feel as a software developer, when I hear an argument such as mentioned above. Second - the size of a cookie is limited, and web developer can not fit there everything they might know about you, and why would somebody do that? You can change your computer, you can reinstall browser or upgrade your operational system. The cookie is not a reliable place for storing information. That's why there's nothing really important could be stored there.How cookie could be useful?
Now let me tell you how you can benefit from that. I will tell you how we are using cookies on our web sites and web sites that we build for our clients,
Cookies used mostly for identification purposes. For example, one of our clients has huge database of audio album records. First time you visit that site, we assign you a unique number and we use that number to refer to you inside of our advertisement network. For example, if you search for Jazz music on that site, we memorize that you showed some interest in jazz music. We store that information inside of our network in a database in your profile. The next time you visit that site, we can recognize you only by your ID number by reading it from the cookie, so at your next visit we will show you banners related to the jazz music and/or artist you where searching for. We understand that you probably would not be interested in a country western music, because you've searched for jazz in the past. Now tell me, who is benefiting from that? You! Because you see an advertisement that you might be interested in and not some garbage.
Another example is E-commerce site. When you make a purchase and fill in a form with the shipping address to receive the items you just bought, we store your ZIP Code in the cookie in your browser. So the next time you comeback to the same site, even 3 months later, we will recognize your ZIP Code and we will show you exact shipping rates available for your ZIP Code. Again, who is benefiting from this, but you?!
And last example that we used throughout many administrative sites that we developed is the personal settings. We want you (as well as our customers) be very productive. That's why we have provided with many options to customize our web-based applications. I am talking about interactive control panel used to control industrial equipment as well as various office paper-work, etc. These are not some public web sites. These are highly customized applications accessible by a limited number of people. So, we have provided our customers with an option to select the size of certain tables and other objects displayed in the browser, as well as colors, font sizes and other visual parameters, which could affect your productivity. And since not all the computers are the same, especially the monitor sizes, we decided to store those preferences in the cookies. So even when the same person login from two different computers, that person will see a different interfaces, suitable to that particular computer and monitor. It makes the browsing experience very pleasurable, and positively reflects on productivity of employees.
Bottom line is this: Cookies are good, and there's nothing to worry about.
If you need help or have questions about this article, you can call me and I would be happy to talk to you.
Sincerely,
Lev Shamilov
Chief Technology Architect
NetChain Communications, Inc.
619-512-2255