Cookies can be set in two ways; one is when you load an HTML page from a server, the other way is when you load a graphic from a WWWServer (Newsgroups don't count).
Since a cookie only stores information any security risks are not with the cookie but with data that you give out to websites that can then be stored as a cookie. The current Cookie RFC will not allow cookies to be set by gifs, when it's finalized I'll change this paragraph.
Another Opinion This is a thread snippet (moved to the WWW) on cookies & security. Our hero is Greg, who works at C|Net (among other infamous establishments... at least that is where his email address is). It's a clear message on cookie related risk.
You can have your browser alert you before it accepts a cookie.
Netscape Navigator 3.0 & up
From now on you will get an Alert box telling you that a server is trying
to set a cookie at your browser. It will tell you what the cookie value is
and how long it will last before your browser deletes it
Cookie that I set (If you didn't deny it) by pressing the big cookie.
This CGI will show you all the cookies I have access to on your machine (which is one). There are other things transmitted to the server from your browser that don't have anything to do with cookies. These are; You computer type, browser type, IP (internet protocol) address, the page that linked you to here etc.
If you would like to see all the cookies you have stored on your hard drive search for the word cookies on IBM or MagicCookie on Macintosh, then open this file with a text editor. It won't look like much but there it is.
Here are some sample cookies on my hard drive:
Domain is the domain name of the server that set the cookie.
??? I don't know what this is.
Path is the minimum path that is required before your browser will send it's cookie.
Secure tells the browser if it should require a secure socket connection before sending it's cookie
Expire Date this is the date the cookie will be go away
Cookie Name this is the name of this particular cookie
Cookie Data this is the data contained in the cookie.
|Last Modified 6/29/97
Copyright© 1995, 1996, 1997 Andy Kington