Do you take cookies from strangers?
If you browse the Web, you probably do Jan 14 1997

Did your household leave cookies on a plate for Santa, this past Christmas Eve?

If you've been surfing the Internet, without your realizing it, your computer has probably been receiving gifts of cookies, too. And while Santa's Oreos may have added calories to your waistline, the Internet's cookies have probably been accumulating on your computer's hard drive.

What are these mysterious Internet treats?

I don't know where the name came from--it doesn't stand for anything. Cookies on the Internet are little files, often encrypted, quietly placed on your hard drive by some Web pages, to provide a record of where you've been and what you've seen. The next time you visit the same page, the computer checks your collection of cookies and can respond to you as a repeat customer. They're sometimes referred to as 'persistent client-side information,' since they're stored on your machine (the client-side), rather than on the Web server, and because they hang around, staying on your machine even after you leave the Internet (but not forever: like a box on the grocery shelf, these cookies too carry an expiration date).

Proponents suggest that this empowers the Internet surfer with this simple mechanism: users can potentially customize how they view individual pages and store settings on their own computers. It wouldn't be practical to store such settings for potentially thousands of users on the server. Other cookies could store password information, making it unnecessary to log on each time a site is revisited. Or they can benefit advertisers, who, by using cookies to keep track of the ads that have already been viewed, could ensure that viewers see a fresh ad each time they visit. Virtual shopping carts could use cookies to represent potential purchases as a user wanders through a virtual store.

The more suspicious among us are not so sure, however. Many Internet users are uneasy about files being written to their computers without their knowledge or consent, especially unreadable, encrypted files. As well, they have fears about a record being kept of where they've been. (Note that this information is already available: in addition to a Recently Visited Sites list, copies of those graphics you've been viewing hang around in your browser's cache folder for days or weeks. And if you're using the company's network to contact the Internet, the network probably has a log file listing where you've gone, and some people have lost their jobs as a result.)

And while there have been no documented instances of this happening, it may be possible for cookies to actually harm a user's computer--as a sort of virus disguised as an Oreo. Cookie proponents suggest that any such risk was most likely associated with early versions of Java and Javascript, both of which have since been made more secure.

The vast majority of Web sites are currently free of cookies, but an increasing number of the most popular sites do give them out.

By default, all this happens invisibly. As a result, most users are unaware of having received a cookie. The latest versions of Netscape Navigator and Microsoft Internet Explorer, however, allow users to set preferences so that they can be informed when they are being 'offered a cookie.' Both programs then give users the opportunity to refuse the privilege. (Check Options, then Network, then Protocols for Netscape Navigator 3.0, and View, then Options, then Advanced in Internet Explorer.)

Users of older versions of both browsers have no choice--they will receive cookies without the option of being warned by their browsers. Other Web browsing software, however, may simply be unaware of cookies--and won't accept them.

For more power over their cookie collection, Windows 3.1 Netscape users may want to check out NSClean, available for download from, while Win95 users will want ZDNet's free Cookie Master, available from http:// C/K/swlib-000CKP.html. Mac users can search for Cookie Monster at http:\\www.macworld. com\software\index.shtml.

All programs are free and let users view cookies, log cookie activity and delete unwanted cookies.

For the official line on Internet cookies, check in with Netscape at http://home.netscape. com/newsref/std/cookie_ spec.html. More readable are Andy's Cookie Info page, http://, or Malcom's Guide to Persistent Cookies, at http://www. ~mal/cookiesinfo.html.

The general consensus is that cookies aren't particularly dangerous at this time, and are of benefit to advertisers and commercial Web sites. Users concerned about their on-line privacy, however, may want to know when they're being offered cookies to have some control over those unwanted calories.*

Search WWW Search

Alan Zisman is a Vancouver educator, writer, and computer specialist. He can be reached at E-mail Alan