Cookies, but not the ones with sugar in it.

Cookies, but not the ones with sugar in it.

You know, I know

We’ve all heard how companies like Facebook and Google can use cookies to follow us around the internet and keep track of what we’re interested in. They do this to sell targeted ads or in some cases even share that data with others without our permission.

 There has been a lot of fuss around the fact that Facebook tracks its users across the internet. So, how do they do this? Before we dive in, let’s look at what cookies are and why they exist. Starting with some quick history.

 The creation of & the explanation

The cookie was created in 1994 by an employee of Netscape communications, the same company that made the browser. He was creating an online shop, and he didn’t want to store the contents of the shopping cart on the server. Instead, he wanted a way to save it on the computers of the visitors, right until they made their purchase. The reason for this is simple: if the server doesn’t have to keep track of everyone’s shopping cart, it has less work and can save money.

 In 1994 the Netscape browser implemented cookies and the next year Internet Explorer followed suit. However, two years later the first concerns were raised when it was discovered that cookies could potentially invade our privacy. That would turn out to be very true, but we’re getting ahead of ourselves here. Let’s take look at how cookies work. Let’s imagine we have a website that requires people to log in to see the contents of the site.

 When you log in, your browser sends your username and password to the server, who verifies them and – if everything checks out – sends you the requested content. However, there is a small caveat. The HTTP protocol, which we use to browse the internet, is stateless. That means that when you make another request to that same server, it has forgotten who you are and will ask you to log in again.

 Can you imagine how time-consuming it would be to browse around a site like Facebook and having to log in again every time you click on something?

 So, cookies to the rescue!

 You still log in to the website, and the server still validates your credentials. If everything checks out, the server not only responds with the content but also sends a cookie to your browser. The cookie is then stored on your computer and submitted to the server with every request you make to that website. The cookie contains a unique identifier that allows the server to “remember” whom you are and keep you logged in.

 As you can see, cookies are very useful, and they make our lives a lot easier. But it doesn’t stop there! Besides keeping you logged in, cookies can also be used to store your settings. Let’s say you change the number of results your favorite search engine should return. Chances are high that they save this preference in a cookie and not on their servers.

But there are also some restrictions on the use of cookies. Most browsers only allow websites to store a maximum of 300 cookies and they cannot contain a lot of data. The biggest limitation is the fact that cookies set by one website, can’t be read by another. And that restriction raises the question:


How can companies use cookies to track us around the internet?

Well, the whole process starts when you log in to Facebook. To remember that you’re logged in, Facebook stores a cookie on your computer, nothing unusual about that, many other sites do the same thing. This cookie is scoped, or bound to Facebook’s domain name, meaning that no one else besides facebook.com can read what’s in the cookie. Let’s now imagine that you browse away and you land on someone’s blog. The blog cannot read your Facebook cookie, and the scope prevents that. Facebook also can’t see that you’re on this blog.

 All is well. But let’s now assume that the owner of the blog places a Facebook like button on his website. To show this like button, your browser has to download some code from the Facebook servers, and when it’s talking to facebook.com, it sends along with the cookie that Facebook set earlier. Facebook now knows who you are and that you visited this blog. I’m using Facebook as the example here, but this technique is used by many other companies to track you around the internet.

The trick is simple: convince as many websites as possible to place some of your code on their sites. Facebook has it easy because a lot of people want a like or share button on their website. Google also has an easy job because many websites rely on its advertisement network or on Google Analytics.

At this stage, cookies are getting out of hand.

So, what can we do to prevent these cookies from tracking us on the internet? As a user, you can protect yourself from trackers by installing a browser extension that blocks them like Privacy Badger or Ghostery. You could also switch to a browser with built-in privacy protection tools like Brave or Safari. And if you don’t want to do anything, the law is on your side. More and more politicians realize that cookies are a threat to privacy and that the use of trackers should be regulated. In Europe, we have the GDPR which requires websites to be transparent about their use of cookies and requires sites to offer users a simple way to opt-out. You’ve probably seen these annoying cookie banners asking for your permission. Next time you see them, don’t just click on accept but look at what cookies the website wants to place on your computer and for what purpose.

A small summary

 cookies were invented to make our lives easier and allow us to stay signed into websites or remember the settings that we changed. However, the downside is that cookies, along with other techniques, can be used by large corporations to follow us around on the internet and gather data about us that they can potentially sell to others.

I hope you found this article interesting and you learned to not click automatically yes when a website asks you to accept his cookies. I know, cookies are tempting, just watch out with them on the internet!

要查看或添加评论,请登录

Dylan Laseur的更多文章

  • Serverless explained

    Serverless explained

    Serverless cloud products are all the rage right now. You have serverless computing, serverless databases, serverless…

  • The history of computing

    The history of computing

    We'll be discussing the evolution of computing - more specifically, the evolution of the technologies that have brought…

  • Middleware - what it is and why we need it

    Middleware - what it is and why we need it

    Middleware is computer software that provides services to software applications beyond those available from the…

    1 条评论
  • Simply explained: How software is made

    Simply explained: How software is made

    A software program, otherwise known as software, is initially compiled out of the digits 1 and 0. This is known as…

    1 条评论
  • Will GDPR be the end of blockchain or the other way around?

    Will GDPR be the end of blockchain or the other way around?

    A conflict of interest on May 25th, 2018 a new privacy law took effect in Europe. The GDPR or General Data Protection…

    2 条评论
  • What is deepfake & why is everyone talking about it?

    What is deepfake & why is everyone talking about it?

    As the US 2020 elections loomed near, AI-generated deepfakes are hitting the news. But what are deepfakes and are the…

  • Simply explained: APIs (Application Programmable Interfaces)

    Simply explained: APIs (Application Programmable Interfaces)

    When you hang around programmers, you might have heard about APIs and how they can be used to perform certain tasks or…

社区洞察

其他会员也浏览了