“HTTP is a 'stateless' protocol. This means that each visit to a site (or even clicks within a site) is seen by the server as the first visit by the user. In essence, the server "forgets" everything after each request.”
“Cookies are a very important method for maintaining state on the Web. "State" in this case refers to an application's ability to work interactively with a user, remembering all data since the application started, and differentiating between users and their individual data sets.”
“Cookies are simply text files sent by a Web site to your computer to track your movements within its pages. They're something like virtual license plates, assigned to your browser so a site can spot you in a sea of millions of visitors. Cookies remember your login and password, the products you've just bought, or your preferred color scheme.”
Lou Montulli, a founding engineer at Netscape Communications, invented the cookie as a way to create a virtual shopping cart, essentially launching e-commerce in 1994. The stateless internets has no memory of a browser's actions. Moving from page to page is like the first time all over again for the internets. Cookies remember the selections a user has made from page to page, thus allowing for the experience of a virtual shopping experience.
Lou Montulli went on to be named People Magazine's sexiest internet mogul in 1998.
“An analogy I like to use is a laundry cleaner's shop. You drop something off, and get a ticket. When you return with the ticket, you get your clothes back. If you don't have the ticket, then the laundry man doesn't know which clothes are yours. In fact, he won't be able to tell whether you are there to pick up clothes, or a brand new customer. As such, the ticket is critical to maintaining state between you and the laundry man.”
• Only last for the duration of a user's visit to a site
• Allows data selection to be remembered from page to page
• Most common cookie associated with virtual shopping

• Store authentication data: log-in info
• Personal preferences like theme and language selections
• Preferences remembered when user visits site later in the future

• Only used when user is using HTTPS
• Cookies are encrypted, protecting against “eavesdropping” or “cookiejacking”
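
A small added example (not part of the original slides) that sorts constructed `Set-Cookie` header values into the kinds listed above: a cookie with no `Expires` or `Max-Age` lasts only for the visit, one with either attribute persists, and one marked `Secure` is sent by the browser only over HTTPS. The function names and sample headers are assumptions made for illustration.

```python
# Added example: classify Set-Cookie header values by lifetime and HTTPS restriction.
# SAMPLE_HEADERS are constructed values, not captured traffic.
import re

SAMPLE_HEADERS = [
    "cart=abc123; Path=/",
    "theme=dark; Max-Age=31536000; Path=/",
    "auth=tok1; Max-Age=3600; Secure; HttpOnly",
    "login=tok2; Expires=Wed, 21 Oct 2026 07:28:00 GMT; Path=/",
    "old=; Max-Age=0",
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        # Flag attributes such as Secure carry no value.
        attrs[key.strip().lower()] = val.strip() if val.strip() else True
    return name.strip(), value.strip(), attrs


def classify(header):
    """Report the cookie's lifetime class and whether it is HTTPS-only."""
    name, _, attrs = parse_set_cookie(header)
    lifetime = "session"  # no Expires/Max-Age: dropped when the browser session ends
    if "expires" in attrs or "max-age" in attrs:
        lifetime = "persistent"
    max_age = attrs.get("max-age")
    if isinstance(max_age, str) and re.fullmatch(r"-?[0-9]+", max_age):
        if int(max_age) <= 0:
            lifetime = "deleted"  # Max-Age <= 0 tells the browser to remove it
    return {"name": name, "lifetime": lifetime, "https_only": "secure" in attrs}


def audit(headers, sensitive_names):
    """Names of sensitive cookies the browser would also send over plain HTTP."""
    return [
        info["name"]
        for info in map(classify, headers)
        if info["name"] in sensitive_names and not info["https_only"]
    ]


if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        print(classify(h))
    print("sent without Secure:", audit(SAMPLE_HEADERS, {"auth", "login"}))
```
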
• Flash-based cookies
• Used for tracking
• Resist being deleted

• Allow web traffic tracking companies to track unique user information across multiple browser platforms
• Can last for years or decades
• If deleted, will come back to life
“So, what would happen if the king of the Internet magically banned cookies tomorrow? Much of the Web would cease to exist. Many Web sites would require more frequent registration—you'd have to log in every time you visited the New York Times, since the site wouldn't remember you. And forget about shopping online.”
Facebook tracks your web activity outside of facebook.com even when you're logged out.
A cookiejacking vulnerability was discovered in the latest version of IE. Most cookies don't have any valuable info, but your Gmail, Twitter, and Facebook cookies have all log-in info stored. Bad news. Saved any credit card info to a site you frequently shop at? Vulnerable to hackers!
• Delete cookies from your browsers on the regular
• Relegate Facebook to its own browser
• Don't use IE

Not all cookies are bad, though. They make our user experience (mostly) seamless. We win the Internet!