I subscribe to the TUCOWS Weekly Newsletter and this week the cover story concerns "Cookies", those things that scare users to death and about which many "myths" have been created. Forgive me for burdening you users with this long email, but I felt it worth sending. It answers many questions about what a Cookie is, what it does, whether or not it is dangerous, whether or not it can dig out data from your system, etc. If you are concerned about Cookies or think they create security problems for your system, please READ ALL THIS ENTIRE ARTICLE !!!!! SgtGeorge List Maintainer **********(Start of Forwarded Article)********** So it's the day before I go on vacation and Scott says to me, "Let's do an article on cookies for the next Grazing Grounds. Explain how cookies are our friends." I muttered something about only liking cookies that come with chocolate chips. Well, that's not fair. I do like the occasional Oreo and Fortune Cookies ... but I had the sinking feeling that was not what our noble leader had in mind. So I grudgingly went out in search of cookie crumbs. I was shocked by what I learned. I consider myself a pretty hip net.junkie, but just about everything I believed about cookies turns out to be false. For those who don't already know, "cookies" are little snippets of code that help in certain interactive functions with Websites. Cookies are most frequently used in marketing and legitimate security applications. Some webmasters use them to track the number of hits, the type of browsers being used, or the number of times you have visited a webpage. Each time you visit the site, the cookie is updated and stored in your browser's directory (sort of like a passport that gets stamped each time you visit a country). Webmasters look at that information and design better sites to reflect your interests. They can even design websites that automatically update themselves depending on your preferences. Unfortunately, there is great concern that they can also be misused to violate your privacy. You can be sent cookies when you load a webpage or a graphic from a WWWServer. The concern has been that cookies might be able to "scoop" information from your browser - getting private details like your e-mail address or the past few web sites you visited. According to Andy's Cookie Page <http://www.illuminatus.com/cookie.fcgi>, cookies only store information relative to the particular site they came from - they can't read cookies from another site unless there is an agreement between sites to share cookie information. Any security risks are not with the cookie, but with data that you give out to websites through forms and online applications. It doesn't matter if a web site sells or gives your information through a cookie or through simply e-mailing that list - the only way they can do so is for you to volunteer that information at some point. So if you don't want spam, don't worry about cookies - just make sure not to give out your address (credit card number, address! , hat size ...) to just any attractive looking page that asks. Look for a privacy assurance that the web site does not sell their mailing lists. I have been using a "cookie sweeper" for the past few months, and now wonder whether or not it is worth keeping. Since I've learned that there is no security risk, that people can't get my address unless I offer it, there is no compelling reason to deny cookies at this point. Scott tells me that there is a utility built into NT servers that many administrators use to manage logins. Our Webmaster at iDirect, Greg Weir, says that this can be turned off at the administrator's discretion, but many leave it on. There are some websites that will not display the information you are seeking if you don't take the cookie. I still have mixed feelings about cookies. In most websites, cookies are helpful to Internet users. I go through 4 sets of cookies three different times when I visit my bank's website, and I'm happy to do it because it reassures me that getting through their encryption wouldn't be a simple matter (not that I have a large pile of hay there, it's just I want to keep what little I DO have). Many websites use cookies for "shopping baskets" or to help visitors create custom versions of their pages. Webmasters could resolve a lot of their reader's fears if they had a simple message on their pages explaining what their cookies are doing and why they are useful to the surfer. There would be a lot less anxiety about them then. ==== DURMAN Mailing List ==== To unsubscribe from DURMAN, send an e-mail message to: DURMAN-L-request@rootsweb.com (for individual messages) DURMAN-D-request@rootsweb.com (for Digest mode) Subject: unsubscribe In the body include only one word: unsubscribe (Turn OFF your signature file when sending this command)