Cookies

What the cuss are cookies?! Magical & Dangerous.

Transcript of Cookies

Page 1: Cookies

What the cuss are cookies?! Magical & Dangerous.

Page 2: Cookies

Stateless abyss of the interwebs

“HTTP is a ‘stateless’ protocol. This means that each visit to a site (or even clicks within a site) is seen by the server as the first visit by the user. In essence, the server "forgets" everything after each request.”

Page 3: Cookies

“Cookies are a very important method for maintaining state on the Web. "State" in this case refers to an application's ability to work interactively with a user, remembering all data since the application started, and differentiating between users and their individual data sets.”

…And then there was “state”…

“Cookies are simply text files sent by a Web site to your computer to track your movements within its pages. They're something like virtual license plates, assigned to your browser so a site can spot you in a sea of millions of visitors. Cookies remember your login and password, the products you've just bought, or your preferred color scheme.”

Page 4: Cookies

The Creator

Lou Montulli, a founding engineer at Netscape Communications, invented the cookie as a way to create a virtual shopping cart, essentially launching e-commerce in 1994.

The stateless internets has no memory of a browser’s actions. Moving from page to page is like the first time all over again for the internets. Cookies remember the selections a user has made from page to page, thus allowing for a virtual shopping experience.

Page 5: Cookies

Making cookies is sexy

Lou Montulli went on to be named People Magazine’s sexiest internet mogul in 1998.

Page 6: Cookies

So many flavors of cookies

“An analogy I like to use is a laundry cleaner's shop. You drop something off, and get a ticket. When you return with the ticket, you get your clothes back. If you don't have the ticket, then the laundry man doesn't know which clothes are yours. In fact, he won't be able to tell whether you are there to pick up clothes, or a brand new customer. As such, the ticket is critical to maintaining state between you and the laundry man.”

Page 7: Cookies

Session Cookies

•Only last for the duration of a user’s visit to a site

•Allow data selection to be remembered from page to page

•Most common cookie associated with virtual shopping

Page 8: Cookies

Persistent cookies

•Store authentication data: log-in info

•Personal preferences like theme and language selections

•Preferences remembered when user visits site later in the future

Page 9: Cookies

Secure Cookies

•Only used when user is using HTTPS

•Cookies are encrypted in transit, protecting against “eavesdropping” or “cookiejacking”
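
Added example (not part of the original slides): a short JavaScript sketch that reads Set-Cookie response headers and sorts them into the session, persistent and secure kinds from slides 7 to 9, then flags log-in cookies that would travel over plain HTTP. The header values, cookie names and the `classify` and `auditCookies` helpers are constructed for illustration.

```javascript
// Constructed sample Set-Cookie headers (not captured traffic).
const SAMPLE_HEADERS = [
  'cart=sku123; Path=/',                                          // shopping cart
  'theme=dark; Max-Age=31536000; Path=/',                         // preference
  'login=abc123; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Path=/',  // log-in info
  'sid=def456; Path=/; Secure',                                   // HTTPS only
];

// Split one Set-Cookie header into its name, value and attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = {
    name: eq === -1 ? '' : pair.slice(0, eq),
    value: pair.slice(eq + 1),
    attrs: {},
  };
  for (const attr of attrs) {
    if (!attr) continue;
    const i = attr.indexOf('=');
    // Attribute names are case-insensitive; flags like Secure carry no value.
    const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : attr.slice(i + 1);
  }
  return cookie;
}

function classify(header) {
  const { name, attrs } = parseSetCookie(header);
  // No Expires and no Max-Age: the browser drops the cookie when the visit ends.
  const persistent = 'max-age' in attrs || 'expires' in attrs;
  // Secure: the browser only sends the cookie back over HTTPS.
  const secure = 'secure' in attrs;
  return { name, lifetime: persistent ? 'persistent' : 'session', secure };
}

// Return the names of sensitive cookies that are missing the Secure attribute.
function auditCookies(headers, sensitiveNames) {
  return headers
    .map(classify)
    .filter((c) => sensitiveNames.includes(c.name) && !c.secure)
    .map((c) => c.name);
}

for (const h of SAMPLE_HEADERS) console.log(classify(h));
console.log('Sent over plain HTTP:', auditCookies(SAMPLE_HEADERS, ['login', 'sid']));
```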

Page 10: Cookies

Super cookies

•Flash-based cookies

•Used for tracking

•Resist being deleted

Page 11: Cookies

Zombie cookies

•Allow web traffic tracking companies to track unique user information across multiple browser platforms

•Can last for years or decades

•If deleted, will come back to life

Page 12: Cookies

Cookies make analogue life fun and delicious, and similarly, make navigating the internet easier and more fun.

“So, what would happen if the king of the Internet magically banned cookies tomorrow? Much of the Web would cease to exist. Many Web sites would require more frequent registration—you'd have to log in every time you visited the New York Times, since the site wouldn't remember you. And forget about shopping online.”

Page 13: Cookies

And like in analogue life, abusing cookies will give you diabetes and you will die…

So too in internet land, abusing cookies is death to our privacy.

Page 14: Cookies

Beware of…

Facebook tracks your web activity outside of facebook.com even when you’re logged out.

A cookiejacking vulnerability was discovered in the latest version of IE. Most cookies don’t have any valuable info, but your Gmail, Twitter, and Facebook cookies have all log-in info stored. Bad news. Saved any credit card info to a site you frequently shop at? Vulnerable to hackers!

Page 15: Cookies

What to do?

•Delete cookies from your browsers on the regular

•Relegate Facebook to its own browser

•Don’t use IE

Not all cookies are bad, though. They make our user experience (mostly) seamless. We win the Internet!