Tech Talk #56 – July 22, 2017
Let’s talk about cookies
Mmmm, cookies.
Unfortunately, I’m not talking about the delicious cookies you make in the kitchen. I’m talking about the cookies stored on your computer.
Wait, what? How do these cookies get on my computer? What are they for? Should I be worried?
Whoa there, pardner. We’ll get to all your questions.
Technically, when we talk about cookies on your computer, we’re talking about browser cookies. Firefox, Internet Explorer (do people still use that?), Chrome, and Edge all put cookies on your computer as you visit various websites.
Cookies are tiny text files stored on your PC. These text files contain information websites use to keep track of you from one visit to the next. A cookie might contain your location for weather reports, it might contain any layout preferences you’ve made to a news site, or it might just be a marker that you were there three weeks ago.
Advanced cookies can record the links you click on on a particular site, your login name if you’ve check the Remember Me button, or the items you’re thinking of buying—which is why your shopping cart has the same items in it the next time you go to the site.
All cookies contain information about you and how you’ve interacted with a website.
The internet uses the HTTP protocol. HTTP is stateless, which means unless a website sets a cookie, it won’t know anything about you and how you like things the next time you visit.
There are two kinds of browser cookies. While technically there is no structural difference in the cookies, they come from different places, so they have different names. First-party cookies and third-party cookies.
A first-party cookie is set by the website you’re visiting. A third-party cookie is set by Javascript running on the website you’re visiting and almost always comes from third-party advertising websites. Third-party cookies are also called tracking cookies.
The term first-party refers to the site you’re visiting and third-party refers to ads that running on the site you’re visiting. You, the website visitor, are the second party, but you don’t get to set any cookies.
The majority of websites require cookies. To create an account on a website or to keep yourself logged in, you need that cookie. If you disable cookies in your browser (and yes, it’s a thing you can do), you might break a lot of the websites you visit.
Most first-party cookies are session tokens – basically counting the number of times you’ve been to that website. They can also contain your login credentials, encrypted or hashed in some format—if you’ve provided that information to the website. Since cookies can only be sent back to the site that originated them, even when cookies contain personal information, other websites you visit can’t access them.
Third party cookies, also known as tracking cookies, are created by code places on a website running an ad. Advertisers have banded together and created advertising networks. Since a cookie can only be sent back to the site that created it (both first and third party cookies have to follow this rule) advertising networks will get a cookie back from every site you visit. They can’t read the cookie itself, but because the Javascript that created the cookie includes the website address the code ran on, they can figure out which website the cookie came from. From that, they can target ads to you based on the sites you visit.
You can usually block third-party cookies without a problem. To find out how to block third-party cookies, Google ‘block third-party cookies’ for whatever browser you’re using.
Truth
To the optimist, the glass is half-full.
To the pessimist, the glass is half-empty.
To the IT professional, the glass is twice as big as it needs to be.
Do you have a computer or technology question? Greg Cunningham has been providing Tehachapi with on-site PC and network services since 2007. Email Greg at greg@tech-hachapi.com.