Web Cookies - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

Web Cookies

Description:

http://www.techtv.com/screensavers/print/0,23102,3317313,00.html. http://www.techtv.com/screensavers/twistedlist/story/0,24330,3366496,00.htm l. Cookie Definition ... – PowerPoint PPT presentation

Number of Views:1523
Avg rating:3.0/5.0
Slides: 17
Provided by: TimD78
Category:

less

Transcript and Presenter's Notes

Title: Web Cookies


1
Web Cookies
2
Sources
  • Most of the content for this presentation came
    from these Web sites
  • http//www.cookiecentral.com
  • http//www.techtv.com/screensavers/print/0,23102,3
    317313,00.html
  • http//www.techtv.com/screensavers/twistedlist/sto
    ry/0,24330,3366496,00.html

3
Cookie Definition
  • Cookies are pieces of information generated by a
    Web server and stored in the user's computer,
    ready for future access.
  • Cookies are embedded in the HTML information
    flowing back and forth between the user's
    computer and the servers.
  • Cookies were implemented to allow user-side
    customization of Web information. For example,
    cookies are used to personalize Web search
    engines, to allow users to participate in
    WWW-wide contests (but only once!), and to store
    shopping lists of items a user has selected while
    browsing through a virtual shopping mall.

4
Definition (cont.)
  • Essentially, cookies make use of user-specific
    information transmitted by the Web server onto
    the user's computer so that the information might
    be available for later access by itself or other
    servers.
  • In most cases, not only does the storage of
    personal information into a cookie go unnoticed,
    so does access to it.
  • Web servers automatically gain access to relevant
    cookies whenever the user establishes a
    connection to them, usually in the form of Web
    requests.

5
Two Stage Process
  • First the cookie is stored in the user's computer
    without their consent or knowledge.
  • For example, with customizable Web search engines
    like My Yahoo!, a user selects categories of
    interest from the Web page. The Web server then
    creates a specific cookie, which is essentially a
    tagged string of text containing the user's
    preferences, and it transmits this cookie to the
    user's computer.
  • The user's Web browser, if cookie-savvy, receives
    the cookie and stores it in a special file called
    a cookie list.
  • This happens without any notification or user
    consent. As a result, personal information (in
    this case the user's category preferences) is
    formatted by the Web server, transmitted, and
    saved by the user's computer.

6
Two Stage Process (cont.)
  • During the second stage, the cookie is
    clandestinely and automatically transferred from
    the user's machine to a Web server.
  • Whenever a user directs her Web browser to
    display a certain Web page from the server, the
    browser will, without the user's knowledge,
    transmit the cookie containing personal
    information to the Web server.

7
Virus Danger?
  • A normal text based cookie cannot be of any
    danger to your computer or spread any viruses.
  • Whether or not other cookies can be dangerous or
    spread viruses has to do with whether or not a
    file is "executable," meaning if it's a program
    rather than data.
  • UNIX files, for instance, have some combination
    of the properties "readable," "writable" and
    "executable." The executable property is
    necessary to enable a program in a file to do
    something.

8
Virus Danger? (cont)
  • If a cookie is not stored in an executable format
    for that platform, it cannot do something hostile
  • In general Cookies are stored as text files and
    cannot be of danger or pass on viruses.
  • Basically cookies cannot harm your computer.
  • The general controversy is not what cookies can
    do to your computer, but what information they
    can store, and what they can pass on to servers,
    there is currently a new proposal to limit the
    features of the cookie protocol, which would give
    people a greater control over what cookies they
    can accept and from where.

9
Cookies How They Work
  • The Internet is predominantly built on a
    technology called HTTP.
  • HTTP doesn't hold any notion of "state" between
    the browser and the server application.
  • Therefore, when writing applications for the Web,
    developers need to pass a token between the
    browser and the client.
  • This is how the "cookie" was born.

10
Cookies How They Work (cont.)
  • Cookies come in two forms, persistent and
    nonpersistent.
  • Persistent cookies stay with your browser even
    after you've exited it. The next time you open
    your browser and access the website that placed
    the cookie on your browser, it will find the
    cookie still there.
  • Nonpersistent cookies, as their name suggests, do
    not stay around after you exit your browser.

11
Cookie Contents
  • The information stored in a cookie allows the
    browser to know which Web servers to send the
    cookie back to.
  • The cookie also includes the payload, as well as
    information about when the cookie is valid.
  • Normally, a site will encrypt the information
    contained in the cookie. When you ask a website
    to save your user name and password, it will
    either take those values and encrypt them before
    storing them on the file system or create an
    encrypted token that takes the place of your
    login. In many cases, when you examine the cookie
    information you'll notice a long string of
    characters that most probably doesn't make any
    sense to you.

12
Cookie Contents (cont.)
  • A TechTV.com cookie from that website
  • .techtv.com TRUE / FALSE 1108418573 Visitor
    80c59448.484ec627.216.200.223.239.1013810251524
  • The following slide has the different parts of
    the cookie and what they mean
  • Domain (.techtv.com in this instance)The website
    that created the cookie, and the one that the Web
    browser will send it back to.
  • Flag (TRUE)A flag that tells the Web browser
    whether all the machines within TechTV.com or
    only specific ones can get the cookie.
  • Path (/)This is the URL's paths within
    TechTV.com that can receive the cookie. Setting /
    as the path tells the Web browser to send it to
    all requests to .techtv.com.
  • Secure (FALSE)Tells the Web browser that the
    cookie can be sent over HTTP instead of a secure
    HTTPS connection.
  • Expiration (1108418573)Number of seconds from
    January 1, 1970, when this cookie will expire.
  • Value (Visitor 80c59448.484ec627.216.200.223.239.1
    013810251524)This is the actual value that the
    TechTV.com Web server wants back when it receives
    the cookie. Just looking at it tells us that it's
    most likely using this to track repeat visitors.
    The site has assigned me a visitor number that it
    will use to look me up in some database of repeat
    visitors.

13
Cookie Contents (cont.)
  • Domain (.techtv.com in this instance)The website
    that created the cookie, and the one that the Web
    browser will send it back to.
  • Flag (TRUE) - A flag that tells the Web browser
    whether all the machines within TechTV.com or
    only specific ones can get the cookie.
  • Path (/) - his is the URL's paths within
    TechTV.com that can receive the cookie. Setting /
    as the path tells the Web browser to send it to
    all requests to .techtv.com.

14
Cookie Contents (cont.)
  • Secure (FALSE) - Tells the Web browser that the
    cookie can be sent over HTTP instead of a secure
    HTTPS connection.
  • Expiration (1108418573) - Number of seconds from
    January 1, 1970, when this cookie will expire.
  • Value (Visitor - 80c59448.484ec627.216.200.223.23
    9.1013810251524)
  • This is the actual value that the TechTV.com Web
    server wants back when it receives the cookie.
    Just looking at it tells us that it's most likely
    using this to track repeat visitors. The site has
    assigned me a visitor number that it will use to
    look me up in some database of repeat visitors.

15
Managing Cookies
  • Use this link to examine the options below.
  • Strategies
  • Manually delete cookies from your system
  • Set your browser's security to warn you about
    cookies
  • Download a cookie killer
  • Surf anonymously
  • Ignore them

16
Cookie Buster Programs
  • Burnt Cookies (for Internet Explorer on Windows
    platform).
  • Cookie Cruncher (Windows).
  • Cookie Crusher (Windows).
  • Cookie Cutter 1.0 (for Netscape on Macintosh
    platform). Direct download.
  • Cookie Jar (UNIX).
  • MagicCookie Monster (for Netscape on Macintosh
    platform).
  • Spy Blocker.

http//www.epic.org/privacy/tools.html
Write a Comment
User Comments (0)
About PowerShow.com