Rob Schaap wrote: > G'day Sabri, > >>But when you visit a website that >>dropped that cookie on your computer, the website has access to >>the cookie and can process that information on your computer. Why >>is this not also a violation of privacy according to the US law? > > I was under the (unusually optimistic) impression that cookies could in > fact not do that. It records browser info, but doesn't penetrate your > HD, I thought. Am I to be disillusioned yet again? >
yes and no. cookies are stored on your hard disk by the browser (not by the web server - the web server sends a cookie to your browser. its up to the browser and/or you to accept that cookie. if you use a browser like internet explorer that choice is often made for you by the browser). the information that is stored in the cookie can be any arbitrary text and is limited only by size. some particular clarifications: 1) while cookies are stored as files on your computer, that does not mean they are like software. a cookie cannot find things out about you by exploring your disk or watching what you do. its just a file (or part of a file), its not software. 2) information that is stored in the cookie can be personal info about you only if you have submitted that information in some way. if a cookie contains your date of birth, thats there because you provided that information somewhere in a web form or some such. 3) cookies can be and are used to track your behaviour. cookie info can be shared across sites and this is used not only for tracking your preferences/behaviour or customizing your content but also provide a means for those who have personal information about you (say amazon.com, your bank, etc) to share that information (unless prevented by law). 4) all of this is true in the ideal world. browser security holes can and often compromise the security of your system and the information on it. microsoft's tight integration of its various technologies (windows <-> explorer <-> VBscript/ActiveX/etc) often blurs the boundaries of the sandbox security model that avoids various security pitfalls. plug: for better control over the cookies stored on your system: http://www.mozilla.org/ -- mozilla release candidate 3 if you do choose to download and install mozilla, i will give you unlimited assistance with using it (to the extent that i can). --ravi