What is a Cookie?

Cookies are messages that web servers pass to your web browser when you visit Internet sites. Your browser stores each message in a small file, called cookie.txt. When you request another page from the server, your browser sends the cookie back to the server. These files typically contain information about your visit to the web page, as well as any information you've volunteered, such as your name and interests.

The term "cookie" is an allusion to a Unix program called Fortune Cookie that produces a different message, or "fortune," each time it runs.

Examples of cookies
Cookies are most commonly used to track website activity. When you visit some sites, the server gives you a cookie that acts as your identification card. Upon each return visit to that site, your browser passes that cookie back to the server. In this way, a web server can gather information about which web pages are used the most, and which pages are gathering the most repeat hits.

Cookies are also used for online shopping. When you visit an online store, you often must fill out a form that includes your name, address, phone number, and other information. To avoid re-entering this information each time you visit the store, the server issues you a cookie containing this information. Upon your next visit to the store, this cookie automatically supplies all this information for you, in addition to retaining any items you placed in your electronic "shopping cart."

One of the most useful ways in which servers use cookies is to provide you with personalized web pages. You offer information by selecting preferences at a particular site, which the server then places in a cookie. When you return, the server uses the information in the cookie to create a customized page for you.

Security concerns
Only the web site that creates the cookie can read it. Additionally, web servers can only use information that you provide or choices that you make while visiting the web site as content in cookies.

Webmasters have always been able to track access to their sites, but cookies make it easier to do so. In some cases, cookies come not from the site you are visiting, but from advertising companies that manage the banner ads for a set of sites (such as DoubleClick.com). These advertising companies can develop detailed profiles of the people who select ads across their customers' sites. Currently, Netscape Navigator 4.x allows you to disable third-party cookies by choosing a selection labeled “only accept cookies from the same server as the page being viewed” or “accept only cookies that get sent back to the originating server.”

Accepting a cookie does not give a server access to your computer or any of your personal information (except for any information that you may have purposely given, as with online shopping). Servers can only read cookies that they have set, so other servers do not have access to your information. Also, it is not possible to execute code from a cookie, and not possible to use a cookie to deliver a virus.