For example, if you visit a site goto.com, the site places a cookie on machine. The cookie file for goto.com contains the following information:UserID A9A3BECE0563982D www.goto.com/ What goto.com has done is that it stores a single name-value pair. The name of the pair is User ID, and the value is A9A3BECE0563982D. The first time a surfer visits goto.com, the site assigns a unique ID value and stores it on machine. (Note that there probably are several other values stored in the file after the three shown above. That is housekeeping information for the browser.) Amazon.com stores a bit more information on the machine. It stores a main user ID, an ID for each session, and the time the session starts on the machine (as well as an x-main value, which could be anything). Limitations Cookies certainly make a lot of things possible that would have been impossible otherwise. Here are several things that make cookies imperfect. 1. Any machine that is used in a public area and many machines used in an office environment or at home are shared by multiple persons. Let's say that you use a public machine to purchase something from an online store. The store will leave a cookie on the machine and someone could later try to purchase something from the store using your account. Stores usually post large warnings about this problem. 2. When you erase all temporary Internet files on your machine you lose all of your cookie files. This tends to skew the site's record of new versus return visitors and also can make it hard to recover previously stored preferences. 3. People often use more than one machine during the day. This would mean that there would be three unique cookie files on all machines. It can be annoying to set preferences time and again. Why the ruckus? Let's say that you purchase something from a traditional mail order catalogue. The catalogue company has the name, address and phone number from your order and also knows what items you purchased. It can sell this information to others who might want to sell similar products to you. That is the fuel that makes telemarketing and junk mail possible. Then there are certain infrastructure providers that can actually create cookies, which are visible on multiple sites. They can threaten to use it in the way they like. DoubleClick is the most famous example of this. Many companies use DoubleClick to serve ad banners on their sites. The portal can track movements across multiple sites. It can potentially see the search strings that you type into search engines (more due to the way some search engines implement their systems and not because anything sinister is intended). Because it can gather so much information about the user from multiple sites, DoubleClick can form very rich profiles. But these are anonymous. DoubleClick threatened to link these
rich anonymous profiles back to name and address information,
personalise them, and then sell the data. That began to look very much
like spying to most persons and that is what caused the uproar. |