Cookies are small text files that are sent (deposited) by the servers of some web sites you visit. These text files contain information that is supposed to customize your interaction with the web server during your first and subsequent visits, and for that reason they are stored on your computer. Some cookies are only required during your visit to a certain site but not after you have left the site, and these cookies may "expire" at that time, i.e., be erased from memory and not permanently stored on your computer.
Contrary to often-heard claims that no information is sent from your computer to anybody outside(1), *most* cookies are interactive, i.e., information is not only written to them but also read from them by web servers you connect to. When reading the next two paragraphs you will understand why interactive cookies that stored on your computer may also be stored in cookies at the host site. Although there are people who use non-interactive cookies, i.e. cookies that are only modified by the server to make your computer remember certain settings, but where no information needs to be sent out from your computer(2).
A service that relies on advertising revenues or that sells products will want to know whether you have been to its site before and if so, what ads you have already seen and what products you have been interested in. For that purpose its server will query your computer when you connect, and if the server finds a cookie that was deposited during a previous visit to that site, it will collect the information contained in the cookie to tailor (sic) new ad offerings accordingly or to speed up the process of directing you to the particular area of the site that reflects your presumed interest. Without such a query, and the subsequent return of information from the cookie file, the web server cannot tailor its offerings to repeat visitors and will operate with its default (new user) settings. Another common use for cookies is with subscription based services (newspapers, etc.) where users are often given the option of leaving their ID and password in a cookie to allow an automatic site-login at the time of their next visit.
Then there is some technical information that almost all web servers request from your computer because they need it in order to present their pages in the most suitable manner. Such information includes the type and version of your web browser and the type and version of your operating system, and if a server leaves a cookie on your computer such information may also be stored there. However, this kind of information is not personalized information, i.e., it is not referenced with to a user id or password, etc.
My previously expressed security and privacy concerns about the use of cookies is based on the fact that contrary to the intentions of those who invented the concept, unscrupulous companies are using cookies to collect information about your web use habits that you would not necessarily give out knowingly. They do this by querying your cookie file in a manner that releases the information contained in *all* cookies on your computer to the server. Furthermore, although it is supposed to be impossible, software being what it is, smart and devious people have developed numerous methods by which cookies can be used, under certain, admittedly rare, circumstances to either leave undesired information on your computer or to make it perform tasks that you have not authorized. Less rare are the instances, however, where cookies are employed by nosy outsiders to obtain private >information from your computer, such as a list of websites you have visited in the recent past (regardless of whether they sent cookies or not). These are my main concern.
There are numerous websites that explain in detail the function of cookies, their use and misuse, and what one needs to know to make an informed choice about whether to allow one's browser to accept cookies or not, and I have provided, in the reference list, two of them that I consider to be of good quality.(3)(4) I would recommend also that you take the time and follow the additional links provided on those 2 sites.
For a variety of technical reasons cookies are by far less of a danger to your computer than Trojan Horses, Worms, and Viruses. Their danger lies somewhere else: they are routinely employed to invade your privacy. Considering that children lack experience and insight into security and privacy issues, I would take a particularly dim view of any child-oriented service that sweet-talks its young visitors into modifying the settings of the browser they use.
Please feel free to use the information
provided here (I claim no copyright).
Bonnie Bracey <BBracey@AOL.COM>
References:
(1) http://dtp-aus.com/cookies.htm
(2) http://www.d-j-whiley.freeserve.co.uk/cookie.html
(3) http://www.uthscsa.edu/computing/pubs/security/cookie.html (link broken)