Web cookies, explained to the masses

⇐ Home | HTTP Cookies| how do they work| cookie ontology| third party cookies

New to HTTP Cookies?

Don't panic.. Standard web browser almost completely hide cookies, so most people just ignore their existence. For now, just think them as digital tags, or - if you prefer - as license plates attached by sites to your browser to identify you.

Firefox logo with tons of colored licence plates _top

Web cookies make your IGoogle sweet dreams possible!

Let's make an example: Say you wake up on an ordinary morning and have breakfast while surfing the web on your laptop. You launch your web browser, and your default IGoogle home page shows up. Since you are still lazy and not yet ready to do any serious work, after a brief look at CNN news, you fool around personalizing your home page. Then you start to play with those funky Google gadgets available on the page until your page looks like this:

IGoogle screenshot, with the daily puppy, the googling eyes, etc

You add the following gadgets:

Finally you select the colorful Sweet dreams theme

Few hours later, you have switched off your laptop, stuffed it into your bag and moved it to your office. On your desk, plugged to a different router, the machine receives a new network address. It now sits in a different area of the Internet, your office. Nevertheless, the googly eyes, the puppy, the Youtube search, and the sweet dreams theme will all be back when you open your home page. A number of cookies with names like PREF, TZ, IGTP, GoogleAccountsLocale_session have been sent to your browser by google.com at the time of your first visit. Conversely, your browser has been programmed to show them only to Google.com. The site will therefore always recognize you again, no matter where you plug in your laptop - this afternoon, next week or even after years.

_top

Cookie Ontology

To answer the basic question: "What is there to know about web cookies?", let's describe their most relevant attributes while sticking to the pastry metaphor.

collage of cookie brands and web sites
a Domain
The site, or sub-site that backed the cookie. whether it comes from a big industrial brand or the small bakery around the corner, a cookie will disclose its contents only to the originating domain.
a Name
To stick to the metaphor, this is like the name of a specific product, mass-produced in hundreds, thousands or millions of items
a Content
This is like a serial number, often uniquely identifying the single visitor who received the cookie
an Expiration Date
A date until which the browser will store the cookie

_top

So what's wrong with cookies?

By itself, nothing.. As explained before with the IGoogle example, cookies provide a simple and efficient identification mechanism on which many legitimate and often exciting web services do rely. Nevertheless, at least one aspect of this technology is controversial, and potentially dangerous for user privacy: not only the websites you are visiting, but also all the third party content they host (like banners coming from advertising networks of affiliate sites ) can and typically does send you cookies!

_top