Are Zombies Making Cookies in Your PC?

By Wayne Maruna

 

            Ridiculous you say?  Don’t bet on it.  Of course we’re not talking about zombies like in Dawn of the Dead or cookies like the Keebler elves bake and the Girl Scouts sell, but you probably already guessed that.  Computer techs have a way of usurping common words and applying their own different meanings to the words.  We do that largely to confuse you.

 

            You may have read advice somewhere along the line to occasionally ‘delete your cookies’.  Do not confuse this phrase with ‘tossing your cookies’.  There may be some similarities at the highest conceptual level, but in practice these are two completely different things.  If English is not your first language, you’re just going to have to trust me on that.

 

            So in the mystical land of computers, what exactly are cookies?  According to the entry in that online font of knowledge, Wikipedia:

 

            “A cookie…is a piece of text stored on a user’s computer by their web browser.  A cookie can be used for authentication, storing site preferences, shopping cart contents,….or anything else that can be accomplished through storing text data.”

 

            You can read the full Wikipedia article here:  http://en.wikipedia.org/wiki/Http_cookies#Session_cookie

 

            As a text file, cookies are not executable, which means they are not programmed to take actions, and they are not viruses.  Cookies, like rolling pins, are neither inherently good nor bad, but are characterized thusly by the way in which they are used.  For example, that rolling pin can be used to facilitate the spreading out of dough to help make a pie, or it can be used to whomp a philandering husband upside the head.  While some may see that as two examples of morally good use, the point remains.

 

            So how do you get cookies?  (I have to be very careful not to type ‘cooties’ because my spell checker will accept that.)  The website www.allaboutcookies.com explains that cookie files are generated by the site you are browsing on the web, and the cookie is accepted and processed by your computer’s browser (i.e. Internet Explorer, Mozilla Firefox, Opera, Safari, Chrome, etc.) which stores the cookie in a folder on your machine.  The browser returns the cookie to that same site when you return to it, helping, in theory, to navigate the site by letting you log in automatically and remembering preference settings.  This is why, when I return to the Suddenlink home page while using my computer, it knows enough to post a friendly ‘Welcome, Wayne” message at the top of the page.  Fortunately, a website can only access cookies on your computer that it put there.

 

            Cookies are controversial because, though they are inherently benign, they can and are used to track your movements throughout the web.  Marketers know what you are looking at and use the information, in partnership with the website, to place individualized ads that are most likely to attract your attention.  In this sense, they are often viewed as a form of spyware.

 

            For those who want nothing to do with cookies, most browsers do provide the option to turn them off.  But doing so comes at a cost.  For example, a while back I got a call from one of our Taberna users who said he could not complete a book purchase on Amazon because he was getting a message that the transaction could not be completed because he did not have cookies enabled.  I paid a call, showed him how to enable cookies in his browser, and then Amazon was very happy to accept his plastic money and send him his book.  Similarly, when shopping online, I sometimes will add items to my virtual shopping cart, then exit the site without completing the purchase transaction while I further contemplate the wisdom of that purchase.  When I return later that day, I find my shopping cart is still sitting in the aisle and still has the items I dropped in it earlier.  How does it know how to do that?  Yep, cookies.

 

            Just like in the cookie aisle at the grocery store, there are many different types of cookies.  There are session cookies that only last for the duration of the current website visit.  There are ‘persistent’ cookies that can last across multiple visits.  These are sometimes called tracking cookies, and are viewed as spyware by many anti-malware programs that will offer to remove them.  These usually have expiration dates.  But check out http://www.google-watch.org/cgi-bin/cookie.htm to learn about Google’s two-year expiration policy that is in effect a perpetual cookie. There are also ‘secure cookies’ which are only used when you are in an https (secure) web page.  These cookies are always encrypted when passing information to the server.

 

           Oh yes, did someone mention zombies?  These are meant to defeat the anti-malware programs and browser cache clearing mechanisms that clear cookies from your machine.  A zombie cookie is automatically recreated after a user has deleted it.  This is accomplished by storing copies of the cookie in various nooks and crannies, and using a script to resurrect a copy and put it back in place.

  

        If only Keebler made edible zombie cookies.  Think of it….you’d only need to buy one.  Eat it, and another reappears in its place.  I could get behind that!