Home    Files

software times™  Files...

August 20, 2011

Good Cookie, Bad Cookie!

Good Cookie

CookieI have no idea where they got their name. For those of you who still don't know, cookies are bits of data that websites store in your browser's memory. When you return to the website, it reads the cookie or cookies and knows you have been there before. When you see a checkbox that says "Remember me," that activates some code that will place a cookie in your browser with your login information. Websites such as Yahoo!, Amazon, Tumblr and Twitter use cookies to log you in automatically so that it does not become a PITA to visit the sites. For security reasons, I don't use the "Remember me" feature with websites that handle money such as credit cards or my brokerage account. Amazon has a split "Remember me" function: it will let you into the "non-private" part of your account but will ask for your password for the more secure parts of the site such as the shopping cart. This is the good use of cookies.

Bad Cookie

Merchants want your dollars and they have devised ways of extracting as much information as possible about you as a target customer. With this information they bombard you with targeted advertisements. Or they sell your information to the highest bidders. Hard to tell what they will do for a buck.

CookieNetscape, who invented cookies, built in some safety features for your protection. Cookies can only be read by the website that places them. Suppose you visit two websites: florist.com and barber.com. florist.com cannot read barber.com cookies and barber.com cannot read florist.com cookies. So you think you are safe. Think again!

CookieA web page is made up of multiple resources or files that can be served from a variety of servers. You could have a server, images.com, that only serves images and the images can be made accessible to multiple websites. Where you see a picture, the florist.com website could have commanded your browser to get that picture from images.com. And the barber.com website could have commanded your browser to get a different picture from images.com. In this case, images.com is the link between florist.com and barber.com and they can share your cookie information if they wish to do so.

Ever wonder why everyone wants to give you free email? When you access your online email account, they see your cookies AND READ YOUR EMAIL. Anything you thought was private in that email is now public if your email host wishes to share it for fun or profit. But that's a story for another day.

Browsers allow you to limit the placement of cookies. Safari gives you three choices:
- Always
- Never
- Only from sites I visit (Block cookies from third parties and advertisers)
I always check the third choice. One needs to allow cookies to get logged in to places but the fewer the better. BTW Google, the super snoop, places gazillions of cookies. frown

A Cookie Horror Story

CookieI use Ameritrade as my online stock broker. I have to say they are pretty good even if the website is a bit flaky for my liking - too much JavaScript. Yesterday, suddenly, I could no longer log-on. The error message said something like: "The page you are trying to access is not available. Talk to tech support." Using Skype I called their toll free number and was put on hold for barely 15 minutes. Luckily I had no urgent trades pending. I got a very nice lady on the phone who walked me through the procedure to clear out the browser's cache and history. Since that didn't do the trick she walked me through the procedure to clear out the cookies which solved the problem.

Chicken peckingFunny thing, she didn't ask me to clear the cookies. Instead she wanted to talk me through the procedure menu item by menu item. But she was not familiar with Safari which does not have a "Tools" menu like Internet Exploder. So we did the chicken pecking in the sand routine until somehow we found the cookies. smile

That did the trick, but at a cost. I lost all the other "Remind me" log-in cookies. For every website I visit I had to remember or look up my username and password, or tell the website that I forgot my password which happens now and then. I got it done but, frankly, A PITA!

Ameritrade placed 21 cookies in my browser when I logged in. Why so many? I have no idea. The last log-in script I've worked on uses a session cookie and up to three data cookies. But that is not the problem...

Good Script, Bad Script

LadybugThe Ameritrade script is not "user friendly." If the server realizes that a user cannot log-in on account of some cookie problem, instead of showing an error message, it should have cleared out Ameritrade's cookies without forcing me to remove the cookies of all my other favorite websites.

Denny Schlesinger

Home    Files
Copyright © Software Times, 2000, 2001, 2003. All rights reserved
Last updated March 8, 2009.