Tuesday, April 2, 2019
How Cookies Are Used On The Internet Computer Science Essay
How Cookies Are Used On The meshwork Computer Science EssayThis paper ordain converse how cookies ar use on the Internet and the risks associated with cookies. The essay will beg off what computer cookies are, how they are apply, the security issues that are associated with cookies and whether are needed for Internet browse. Computing cookies are used by mevery commercial websites to fit in variables when you jump through various foliates, however, they can be used for more(prenominal) sinister purposes. This is why a web browser will allow a substance ab exploiter to turn the storing of cookies off.A computing cookie is a wedge which helps a server recognize who a exploiter is. When a substance abuser is browsing the Internet, the server that provides the websites does non know who they are. This is not a caper when the user visits static websites. However, when a user visits an interactive website that requires them to log in or commend a shopping list, the browser does need to cogitate who you are (Schneier, 2004171). The reason for this is that, if it could not remember who the user is, then you would use up to log in every time you visited a different varlet within the same companys website and it would not remember a shopping force when the browser moved from a main page to a checkout time page (All just about cookies, 2011). The way it remembers this info is by using a cookie.A cookie comes in two forms temporarily or persistent. A temporarily cookie is stored in the browsers memory and is destroyed when the browser is keep out down. This type of cookie is used so the server can remember what activity has taken place throughout a website. This is useful on an e-commerce website where there is a shopping pushchair because, the website needs to remember what has been dictated in the shopping cart when the user moves between pages and then at last to the checkout page. If a cookie was not used the shopping cart would appear empty every time a different page that was visited within the same website (All about cookies, 2011). A persistent cookie is stored on the computers hard drive as a file it could be stored for any amount of time that the server sets (Pfleeger Pfleeger, 2006 434). It is used for remembering login details and preferences so that every time a user visits a website, the server remembers their selections. An practice of this could be the language that the user has chosen to view the website in (All about cookies, 2011). The whole idea is to make the browsing experience much more pleasant. Persistent cookies are also used to track the websites a user visits this is done to target advertisements to specific users. This means that cookies can reduce the chance that a 25 year old single man is served an ad for diapers when he goes on his favourite sports site(ARA, 2005). Many reputable sites including Google, Yahoo and benni Street use this method target adverts (Penenberg, 2005). However, th e method raises concerns about the covert of users as profiling software can determine many different aspects of a users identity with fairly honest precision, things like gender, race, age, income, religion, location, marital status, children, pets and intimate orientation. A public outcry followed and for this reason it has been possible to turn cookies of in Internet Explorer since version 3 (Kayne, 2011), which was released in 1996. In 2009 the European Union passed a law on the way cookies are used within websites based in Europe. The new law means that a cookie will not be allowed to be place unless the user has been briefed about what it is for and how it works and also given their consent for it to be placed (Chacksfield, 2009), the only exception to this law will be if the cookie is strictly necessary for the service the user has requested like in the contingency of an e-commerce website (Robertson, 2009).Security issues are associated with the use of cookies, this is because the nature of a cookie is to conglomerate data, although this is normally a username and password, they can be used to collect otherwise data. Cookies can store anything about a client that a browser can determine keystrokes the user types, the machine name, connection details (such as IP address), date and type, and so forth.(Pfleeger Pfleeger 2006 434) The reason this can become a security issue is because, cookies are not designed to provide protective cover so there is no way of confirming a cookies integrity, also, not all companies encrypt cookies. When a company does not encrypt a cookie, an eavesdropper can steal and reuse the cookie, impersonating a user indefinitely.(ibid 236) Cookie intoxication is some other problem that can arise from storing cookies cookie poisoning is when the data inside the file is modified. This can result in the bypassing of security mechanisms, core an attacker can gain unauthorised information about another user and then steal th eir identity. (Imperva, 2011) Cookie poisoning is a argument Tampering attack, a parameter tempering attack is where an attacker will modify the parameters entered into a hidden or fixed field. These fields are the only security measure for certain operations. This makes this kind of attack useful to an attacker because a cookie can hold sensitive information about the user. Other parameter attacks including SQL Injection, Cross-Site Scripting and Buffer Overflow can be executed using cookie poisoning. (Imperva, 2011)In conclusion if cookies are used for the purpose they were intended they are a good thing. They make the browsing of websites a much more pleasurable experience with the cookies saving the user preferences this means a website tailored to the users likes. They also provide a good platform for marketers to target adverts to a specific user, meaning they see adverts for things they are much more likely to buy. As with anything over a lucre there are security risks from cookie poisoning and the privacy concerns, however, with browsers allowing cookies to be switched off the concerns can be overcome.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment