Cookies are created when your browser loads a particular website. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the web server.
Cookies are created not only by the website that the user is browsing at any particular moment, but also by other websites that run ads, widgets, or other page elements. These cookies govern how the ads appear or how the widgets and other elements function on the page.
Standard uses for browser cookies
Websites set cookies to help authenticate a user if the user logs into a secure area of a website. Login information or credentials are stored in a cookie so that the user may enter and exit the website without having to re-type the same login information over and over again.
Session Cookies are used by the web server to store information about user page activities so users can easily pick up where they left off on the server’s pages. Without using such cookies, a webpage can not ‘remember’ where you were on your last visit – this can only be done with the use of session cookies. Session Cookies tell the server what pages to show the user so the user doesn’t have to remember where he/she left off or start navigating the site all over again. Session Cookies function almost like a “bookmark” when used on such a site. Similarly, cookies can store ordering information needed to make shopping carts work instead of forcing the user to remember all the items the user put in the shopping cart. This is very useful if your system experiences a disruption in connectivity or your computer ‘crashes’ while you are in thr process of filling a shopping cart.
Persistent or tracking Cookies
Persistent Cookies store user preferences. Many websites allow users to customize exactly how information is presented through site layouts or themes. These customizations make the site easier to navigate and/or lets user leave a part of the user’s “personality” at the site.
Cookie security and privacy issues
Cookies are NOT viruses. Cookies use a plain text format. They are not compiled pieces of code so they cannot be executed nor are they self-executing. Accordingly, they cannot make copies of themselves and spread to other networks to execute and replicate again. Since they cannot perform these functions, they fall outside the standard virus definition.
Cookies CAN be used for malicious purposes though. Since they store information about a user’s browsing preferences and history, both on a specific site and browsing among several sites, cookies can be used to act as a form of spyware.