Cookie, Cookie, Lend Me Your Data
Dear Squeak and Blat,
I thought I was doing real good trying to understand all the acronyms floating around the Internet. I mean, I think I know TCP and FTP and HTTP and IP and ISP. But, now we've got crazy terms like "Java" and "Cookies." Give me a break!
What I read on Java looks to be good. I don't understand what it is but it looks to add more sophistication to web applications. But, what I read about these Cookies doesn't sound so great.
Can you enlighten us on the web cookie caper?
Mrs. Irma Web
Irma. If you even think know all those acronyms you must be a well-informed citizen of cyberspace. Let's just check to see if your labels for those acronyms match ours:
- TCP: Transmission Control Protocol
- FTP: File Transfer Protocol
- HTTP: HyperText Transfer Protocol
- IP: Internet Protocol (often combined with TCP as in TCP/IP)
- ISP: Internet Service Provider
The first four are different ways of coding or packaging data to transfer over the Internet; the last one is any business that provides access to the Internet for users like yourself.
Now, what are Cookies on the Internet?
Cookies were added to web browsers with good intentions. The idea was for your web browser to be able to store information about a site you have visited so that each time you returned to that site it would know who you are, what pages on that site you visited, what kind of computer you had, what browser you were using, and so on. The goal was to make the interaction between your computer and the web sites you visit more personalized. Web pages that provide "shopping carts" for purchases depend heavily on Cookies to keep track of what items you have chosen for purchase.
Let me explain how Cookies work. First, as Netscape says in their documentation on Cookies, they were called "cookies, for no compelling reason." (I think Internet Cookies are much more like Fortune Cookies because each cookie contains a hidden message.)
First someone has to bake the Cookie and deliver it. This is done by a web server on the Internet. When you type in the link or URL for a web site and your computer starts downloading the web page, graphics, and so on from that site, the web server at the site can bake a digital Cookie and place it on your hard drive usually in a system directory or folder with other information saved related to our web browser. With my Netscape browser on my Mac, the baked cookies get stored in the Netscape folder in Preferences in the System folder.
The ingredients used in baking this Cookie vary and are completely customizable by the web server. On the simplest level, it can contain the web browser you are using and your computer type. But, it can also contain your email address and keep track of what web pages you visit from that site.
Now, the next time you decide to visit that site again, the web server checks to see if you have one of the Cookies it baked with its unique ingredients. If so, then the server reads the data stored in the Cookie on your hard drive and may use that data to decide what web pages to show you or other ways to personalize your visit to that web site.
For those of you who want the technical low-down on adding Cookies to your HTTP scripts and web pages, Netscape has a definitive page on the topic and a simpler explanation in a Cookie tech note as well.
This all sounds well and good on the surface. But, as you said, Irma, not everything you've read about Cookies has been positive. Web sites can store the data from your Cookies into their own databases. They can use that information to pester you with email about their products that they sell, they can sell that information to others, and the potential is there for a Master Baker of Cyberspace to use that information to track what you see and do on the Internet. This is the part that is not so attractive and may be hazardous to your web browsing health.
If all this talk about cookies has you hungry for the real thing, check out a few of the many web sites for the non-virtual version of munchable cookies: Little Debbie, Nabisco (check out the Nabisco Museum and Oreo cookies!), Archway, Cadburry, and Seckinger-Lee from Bruno Brothers.
Thanks for bring up a very important web topic!
Wow. I have never felt so hungry writing a Squeak and Blat column as I feel tonight. Before I head down to my stash of double-stuff Oreos in the back of the pantry, let me add a few ideas to what Squeak is saying. He has done a nice job in explaining what Cookies are. Let me add a few more crumbs to the mix by anticipating a few questions that you might ask about cookies. I will then explain some neat ways to control the cookie jar.
Q. I use my browser for email and I identify who I am when I do this. I assume then that a site uses this information in its Cookie file it maintains inside my browser?
A. Actually, no. This Cookie technology cannot grab your email address and name. It can only identify your computer and keep records on how you use the site you are visiting. Now, if you decide to TELL a site what your name and email address are by registering in a form or something, then that information might get stored in the Cookie file (or in a database of the site you are visiting).
Q. Is this how an obnoxious company gets data about me?
A. Most experts agree that it is very hard for a third party to "invade" the Cookie jar. In other words, if Company X decides to create some Cookie data on you in your browser, Company Y would be hard pressed to also access that same data. However, these same experts agree that (although hard) it is technically possible to do this!
Q. What's so bad about this whole cookie business? Aren't you all being a little paranoid?
Q. How can you tell whose been in your cookie jar?
A. Great question. You can read the cookie file on your computer. On your windows machine, look for a file called: "Cookies.Txt" and on a Mac (at least with Netscape's Navigator), the file is called "MagicCookie." These are simple text files and you can read them for yourself. At the start of many of the lines, you will recognize sites that you have visited. Here is a list of a few sites (many music-related) that DO use cookie technology. Maybe you have visited a few of these? If so, check out YOUR cookie jar!
Techiques for controlling or managing Cookies differ by platform and by browser. Check out: http://www.whyron.com/cookies.htm as a site for explaining how to turn off or delete the Cookies file.
Deleting: For windows users, the use of a bat file upon startup is explained for deleting Cookie files. Mac users can delete the "MagicCookie" file by hand or possibly set it as a locked file.
Managing: For users of Netscape's Naviagator (beginning with 3.0) and Microsoft's Internet Explorer, a preference can be set that alerts you when a site is interested in inserting some Cookie code in your broswer's directory. The browser allows you the option of using the Cookie or not. You can also get a copy of ZDNet's CookieMaster, http://www.zdnet.com, which allows you to monitor cookie activity (only available for windows machines at this time.)
Well, that's it on Cookies from my end, Irma. I'm off to that pantry now before the answer to my next question. I'll be looking for some milk to wash all this down!
Peter R. Webster (a.k.a “Blat”) and David Brian Williams (a.k.a. “Squeak”) have presented workshops and other presentations together for CMS/ATMI conferences and workshops for more than 20 years. Their collaboration has led to publications and presentations internationally on music technology as well as the co-authorship of the textbook Experiencing Music Technology (Cengage Learning/Schirmer Books, 3rd edition Update, 2009), a widely adopted and highly acclaimed music technology textbook for high school and college students. Dr. Webster is emeritus professor of music education at Northwestern University and Scholar-in-Residence at the University of Southern California; Dr. Williams is emeritus professor of music and arts technology at Illinois State University, a freelance consultant, composer and musician, and immediate past president of The College Music Society.