What is a cookie file (COOKIES.TXT)?

Electronic 'cookies' are files that store information about where you go and who you visit on the World Wide Web. In other words, they are not programs and do not gather information on their own. However, they can collect personal information that you enter or generate when you access the Internet. Originally, cookie files allowed Webservers the ability to customize a website on a person by person basis, without filling up the server's hard drive space. In other words, in order to save space on the Webservers' hard drives this information is saved in your computer. This also saves the owners of the Webservers money. If you have never been asked whether you want to accept a cookie, I am sad to report that your browser is set to automatically give and receive cookie files. Cookie files let the Webserver know the date and time you visited their site and any other information that they think they need. In general, they are use to both store and retrieve information on you, the visitor.

How do Cookies Files work?

When you visit a website, the Webserver requests your browser to give up your cookie file. The server takes your file, adds the information that it see fit to place in your cookie file, and gives it back to you. If you refuse to accept the cookie file the Webserver will ask you to reconsider anywhere between 5 and 20 times. This becomes extremely annoying, since you must hit the "Cancel" button every time the question is asked and it wastes your time on the net answering stupid questions. After this point, if you still refuse to accept the cookie file, the Webserver might not allow you into their site (for example Microsoft.com or MSN.com). In short, cookie files are harmful to your privacy. You should understand that accepting a cookie gives the Webserver access to any personal information that is stored in said file. Cookie files may have started off being something worthwhile but now they are tools used against you for the benefit of the websites you visit.

According to Marshall Brain, who wrote the pro cookie article at www.verizon.com, cookie files works like this...
"I have visited goto.com, and the site has placed a cookie on my machine. The cookie file for goto.com contains the following information:
UserID A9A3BECE0563982D www.goto.com/
What goto.com has done is stored on my machine a single name-value pair. The name of the pair is UserID,and the value is A9A3BECE0563982D. The first time I visited goto.com, the site assigned me a unique ID value and stored it on my machine.
[Note that there probably are several other values stored in the file after the three shown above. That is housekeeping information for the browser.]
The vast majority of sites store just one piece of information -- a user ID -- on your machine. But there really is no limit -- a site can store as many name-value pairs as it likes.
A name-value pair is simply a named piece of data. It is not a program, and it cannot "do" anything. A web site can retrieve only the information that it has placed on your machine. It cannot retrieve information from other cookie files, nor any other information from your machine....
The first time a visitor arrives, the site creates a new ID in the database and sends the ID as a cookie. The next time the user comes back, the site can increment a counter associated with that ID in the database and know how many times that visitor returns."

According to Mr. Brain's article, one website cannot retrieve information left by other websites. This is partially true. One website may not be able to read the information that is linked to the unique ID value left by one particular website. However, each website has its own particular way of tagging its visitors. In other words, it would be pretty easy, for example, for Amazon.com to tell if you have ever visited Barnes & Noble.com. What is not addressed in Mr. Brain's article, and articles like his, are the following questions…

• Why does the visitor need a unique ID value?
• Why does the Webserver need to record how often a visitor visits a particular site?
• Who's purpose does the "unique ID value" serve? The visitor? The Webserver?
• If the Webserver is making money on the accumulation and/or sale of the information contained in the cookie file, why isn't the visitor being paid for storing and transporting the Webserver's property (that information that is being stored in the cookie file) on the visitors computer?
• If the visitor is forced to store and transport this so called 'harmless' information (which in essence allows Webservers to tailor the banners and 'pop-up' ads that the visitor sees), shouldn't the visitor be paid for all this work? Shouldn't the visitor be compensated for the wear and tear on his or her computer? Shouldn't the visitor be reimbursed for the time they wasted dealing with slow Internet speeds and all that visual noise?

What can be found in your cookies file?

This all depends on what the Webserver places inside your cookie file. Some Webserver do not place a "unique ID value" into your cookie file. In other words, the cookie file could contain your e-mail address, username, and your password to certain sites that charge you for viewing their site. It could contain your full name, address, and phone number, if you have gone to a site that requested this type of information. In other words, it could contain anything because you do not have the choice of what is placed in your cookie file. If you visit a news agency, your unique ID value would be linked to your visitation record in the Webserver's database that would keep track of your reading preferences. In other words, the unique ID value would help the Webserver in remembering the news articles you read and those news articles you did not choose to read. Your cookie file may also contain what type of shareware and freeware software you use in your computer. A cookie file and/or enabling your Javascript (in your broswer) could allow your email address to be placed on a mass email list, so you can get junk mail or invitations to join porno sites. The possibilities are endless. If you want to read your cookie file, search your hard drive for a file named cookies.txt.

Why you should turn off your Cookies File?

Because a cookie file is an invasion into your privacy. In an interview with Playboy magazine (February 1996), Andrew Bacard, author of "The Computer Privacy Handbook", stated, "Privacy is the ability to control what, when, and how your personal data is given to other people. Powerful institutions believe their right to privacy has a bonafide basis (for instance, "national security" or "trade secrets"), while the individual's claim to privacy is suspicious and subject to these institutions' veto. For me, privacy is a necessary part of democracy. That's why we vote with secret ballots." To Playboy question, "Yet many people reading this may be thinking, So what? I have nothing to hide," he replied, "Show me someone who has no financial, sexual, social, political, or professional secrets to keep from his family, neighbors or colleagues, and I'll show you someone who is either an exhibitionist or a dullard. Show me a corporation that has no trade secrets or confidential records, and I'll show you a business that isn't very successful. Discretion and tact are pillars of civilization."

Suggestions on how to turn off your Cookies File?

To turn off your cookie file in Netscape Communicator: click edit, preferences, advanced, click the circle next to line that states "Disable Cookies" and click the box labeled "Warn me before accepting cookies". Then click "Ok".

If you have something other then Netscape Communicator find your cookies.txt file on your hard drive. Use a text editor and replace the entire contents of the file with one character, for example "?". Save the file as cookies.txt and then, this is very important, give the status to the file "read only". This way when you go to a site that ask for you cookie file, it will only receive a cookie file containing "?". When the server tries to write something to your cookie file, the read only status of the file will not allow anything to be place in the file, the on-error checking in the browser should discard the additions to the cookie file, and everything should go on as normal.

UNIX/Linux users - You can permanently prevent Netscape from writing a cookie file! Simply do the following :
'cd' to your Netscape directory
'rm cookies'
'ln -s /dev/null cookies'

First Posted on 11-10-1999
Revised 08-21-2013