Cookies: What is a “cookie”?

Adapted from Computer Concepts, New Perspectives, Thompson Course Technology

Dr. Roger Webster & Dr. Nazli Mollah

EDW 647: The InternetEDW 647: The Internet

24

Cookies: What is a “cookie”?

Cookie – small chunk of data generated by a Web server and stored in a text file on your computer

A cookie is created by a Web server and stored on your computer’s hard disk




25

What is a “cookie”?

Web sites use cookies to: Track your path through a site to keep track of the pages you viewed or the items you

purchased

Provide information that allows the Web site to present you with ad banners targeted to products you previously purchased at that Web site

Collect personal information you type into a Web page form and retain any personal information that you type into a Web page form




Why do Web sites use cookies?

You are on your favorite online music store

You search for your favorite band, new music, listen to sample tracks

Altogether you may have viewed 2- Web pages

Each time you connect to a different page, the server regards it as a new visit

Cookies allow the music site’s server to identify you so that your request won’t be mixed up with other thousands of people visiting the same online music store

Cookies also enables the server to keep track of your activity and compile a list of your purchases




How do cookies work?

the cookie message can include a: customer number shopping cart number part number other data expiration date domain name of the host that created the cookie

a server that creates a cookie can request it the next time you connect to one its Web pages

browser server

your browser connects to a site that uses cookies

the server sends a “set-cookie” HTTP message

the cookie is saved by your browser onto your computer’s hard disk




26

Cookies are a relatively safe technology Data, not computer program

cannot executed to activate worms or viruses

Can only be accessed by site that created it

Contain only information you disclose while using the site a cookie cannot rummage through your hard drive to find passwords BUT if you enter your credit card number during an online purchase it is possible for the cookie to

store that number – same with SSN most reputable Web sites do not store such sensitive information

Uses a customer account generated number instead of your name your name is not associated with your cookies unless you entered it into a form, which is then

transferred to a cookie

Are cookies safe and private?




27

Does my computer have to accept cookies?




28

A Web programmer can program cookie to “time out” You can delete the cookies

Firefox uses Cookies.txt or Magiccookie IE stores each in a separate file

How long do cookies stay on my computer?




Online Shopping




Shopping cart – cyberspace version of the good old metal cart that you wheel around a store and fill up with merchandise

Shopper browses Web site, and then adds products using a “Buy” or “Add to Cart” button

Uses cookies to store information about your activities on Web site

Shopping Carts: What’s an online shopping cart?




Shopping Carts: What’s an online shopping cart?

Add to Cart when you click the “Add to Cart” button, the merchant’s server sends a message to your

browser to add that item number (or ID number) to your cookie, which is them stored on your computer

View Cart When you check out, the server asks your browser for all the cookie data that pertains to

your chopping cart items

Cookies Your browser sends those cookies along with a request for an order summary

Web Server The Web server uses the cookies to produce a Web page listing the items you want to

purchase




Is it safe to shop online?

spyware is any technology that surreptitiously gathers information In the context of the Web and e-commerce, spyware secretly gathers information and

relays it to advertisers or other interested parties Web marketers use several spyware techniques, including ad-serving cookies and

clear GIFs

Ad-serving cookies if you click an ad, this 3rd party can create an ad-serving cookie and use it to track your

activities at any site containing banner ads from that third party They claim that it is to simply serve you better targeted advertising but privacy advocates worry that shopper profiles are compiled, sold, and used for

unauthorized purposes

Clear GIFs typically 1x1 pixel graphic on a Web page can be used to set cookies to a 3rd party Web site You don’t even have to click a banner ad to receive the GIF-activated cookie simply viewing the page that contains a clear GIF sets the cookie Cookies created with clear GIFs have the same uses and potential for misuse as ad-serving

cookies ad-blocker software and anti-spyware are designed to block ad-serving cookies, clear GIFs, and

other spyware – some even block banner and pop-up adverts altogether – these are becoming increasingly popular products, despite their tendency to slightly slow your browser’s response time




Can credit cards be intercepted?

Can credit card numbers be intercepted while traveling over the Internet?

YES

A packet sniffer (protocol analyzer) is a computer program that reads (sniffs) data packets as they travel over networks most devices read only packets addressed to them, but packet sniffers read packets

addressed to other devices good for network administrators who have a legitimate need to observe/ open packets to

their network dangerous for hackers

Ethereal is a well-known packet sniffer software




Transaction Privacy & Security

To protect your data from packet-sniffing data, you should engage in electronic transactions only over secure connection

A secure connection encrypts the data flowing between your computer and the Web server

Even if a hacker can access packets containing your payment data, it is of little use if the data is cannot be decrypted

Technologies that create secure connections include SSL and HTTPS

Cookies: What is a “cookie”?

Documents

Transcript of Cookies: What is a “cookie”?