Understanding Cookies and Firefox Cookie Controls

There are many preconceived notions about what a website cookie is and how it can be used. Some of these ideas are not terribly factual. Let's set down a few truths first.

Cookies are not evil.

Second, cookies can be read only by the domain that saved them.

Third, cookies contain only information that you provide (either directly or indirectly).

Fourth, all cookies contain information that the server already has.

Fifth, the server could store this information on its local storage and you'd never know.

Cookies are capable of tracking usage over multiple sessions and sessions to computers that are behind a NAT firewall. In the latter case, many computers might visit a site and cookies can help that site keep track of the visits.

Now ask yourself this question about cookies: Would you rather this information be stored on the server's computer or yours? I'll go with mine, thank you at least then I can delete the cookies when I want.

First, any information stored in a cookie could just as easily be stored on the web server's end. That's right, any website could store exactly the same information about you at its end instead of your end. So, then, why use cookies? Why not just put the information on the server? Cookies allow two things that a server-side solution doesn't: speed (big websites have thousands of visitors every day and millions of unique visitors over time) and storage space. If the server were to save information about millions of users, the storage requirements might begin to add up. We aren't talking just hard disk space, but backup, integrity, management, and other storage issues. Finally, cookies enable a website to store information that allows the site to determine that it is probably you it's seeing and not someone else.

Why do people object to cookies? The issue is usually that they don't like sites to store information about them on their drive. More generally, they don't want the site saving information about them at all! But remember that the site already has the information it puts in the cookie.

Also, people object to cookies because they don't want that information on their computer to be available to others. From outside (the Internet, for example), cookies are safe because only the creating website can open its cookies. As well, most sites encrypt cookie information to prevent issues of remote and local users obtaining the information and being able to utilize it.

Cookies are here to stay, and they serve a useful purpose. I've been at this Internet game for a long time and have yet to see one documented case in which cookies were improperly used.

Firefox lets you control cookies. For example, the Options Manager has settings for cookies in its Privacy section. The Firefox cookie settings include

• Allowing or disallowing sites to store cookies. If you disallow cookies, no site can store a cookie on your computer.

• If you choose to allow sites to store cookies, you can choose to allow only the originating website.

• You can choose to have cookies deleted upon expiration or upon closing Firefox, or you can choose to be prompted for deletion.

• You can choose to either allow or block specific sites from using cookies, either permanently or just for the session.

• Cookies stored on your computer can be viewed. While viewing cookies, you can delete either just the currently viewed cookie or all cookies.