September 2000--Letís take a look
at what a cookie is and how it works.
A cookie is a small amount of data stored by your
browser on your hard drive. Itís associated with a specific Web
site, and unless you have cookie notification enabled, the transfer
If you are using Internet Explorer, cookies are
stored in the Cookies folder within the Windows folder. You can open
that folder with Explorer. If you open your Temporary Internet Files
folder you will also see the contents of \Windows\Cookies.
If you look inside the Cookies folder, you'll see
some files with names that look like email addresses. For instance I
have one called "don email@example.com" which is, you guessed it, a
cookie from Yahoo.
One function of this cookie is to determine that
Iíve selected that messages be sorted by date in the forum message
area. Thus, each time I come back I get the same view and donít have
to request a change in how messages are sorted each time I visit the
Cookies can be used to hold other information. For
instance, I have several pages that I have personalized with a view
thatís specific to my desires. The site could force me to log on
with a user name and password every time, pull up my profile from
its database and then display my preferred view, but by putting a
cookie on my system it eliminates that login procedure.
Frankly, given the number of user names and
passwords, Iíll take the cookie approach for sites that donít
On the other hand, I donít want my online banking
site to automatically recognize me simply because the site is
accessed by my computer and thus allow anyone using my computer to
access it. Ditto for an e-commerce site that allows you to execute a
purchase order. Iíve never seen either type of site that didnít
require a login, and if I did, I would be uncomfortable about using
them or at least Iíd want more information on how the site keeps the
So cookies can be a very good thing and provide a
more enjoyable and less hassle online experience. I can log into TV
Guide, for instance, and it knows who I am and what area listing to
Letís take a look at some Internet basics. If youíre using a dial-up
connection when you connect with your Internet Service Provider
(ISP), you are assigned an Internet protocol (IP) address from a
range of IP addresses your ISP has assigned to them. Consider this
in the context of your street address and the post office. Just like
the mailman canít deliver a letter without your street address, a
Web site canít deliver a Web page to you without knowing your IP
address. It is the address of your computer on the Internet.
When you log in with your ISP, they use a service
called DHCP (Dynamic Host Configuration Protocol) to assign the IP
address from the block of IP addresses that the ISP has available to
them. Even if you donít close the connection the assignment isnít
necessarily permanent throughout your session, as DHCP uses the
concept of a lease that a given IP address will be valid for your
computer. The lease time can vary, depending on how the ISP has it
set up. While it can change during a session, it probably wonít.
If you have a full time connection, such as cable
or DSL, chances are you might have a static IP address--an IP
address that doesnít change. In fact, this is how Web sites are
found. They have a permanent IP address which is associated with the
site's name. A computer receives the address you type in, converts
it to an IP address, and the Internet routes you to that site. If
you have a static IP address, it is probably identified as part of a
block of addresses that belong to your ISP rather than to you
There are services that will hide the IP address
that your computer is using. You log on to your ISP, go to their
site and they give you one of their IP addresses. Your activity is
transmitted to them, they send it out to the Internet, its returned
to their IP address and then relayed back to you.
Iíve tried a couple and the speed penalty seemed
overmuch. Keep in mind that you must take all the hops and jumps to
get to the site and then just as many to get to the site where you
want to go. Each transaction has to do this and as best as I could
tell it pretty much doubled the time it would normally take. Plus
the service knows what youíre up to even if the remote site doesnít.
What the Web site sees
When you arrive at a Web site the first bit of information it
receives is your IP address. Of course, this information is
absolutely necessary to sending back the page you request. This
information is almost always recorded in the site log. In addition
the Web site can detect the site you came from. For instance, if you
located the Web site through a search engine and clicked a link to
the site the referring site can be logged. I find this valuable as
it tells me how people are finding the site.
The browser type and version is recorded. Again,
this is valuable. If a very small number of users are using IE 3.0
then I might make a decision to add features only available to later
The entry page is recorded. This is the first page
you go to when you visit the site. The exit page is recorder. This
is the last page you were on when you left the site.
Navigation through the site can be recorded. This
is invaluable for me as it tells me what features are
important/interesting and which arenít getting any activity at all.
It helps me focus on what people are interested in and helps me
understanding how to present a more pleasing site.
The darker side of cookies?
Thereís a lot of controversy about cookies in the Internet world.
Next month, weíll take that up and try to put everything in
perspective so you can make an informed decision about when to
Until next month, best in computing.