Most people probably don't know this but every time you visit a website a "cookie" is placed on your computer. Not the type of cookie shown in this picture (which is one of my favorites - white chocolate chip macadamia), but the type of cookie that helps website owners track information related to their visitors and improve the overall user experience.
A cookie is simply a character string representing a key/value pair (e.g. "visitorID=23498EFDAB323"). These key/value pairs are sent back and forth between your browser and the website's server with every request.
Most cookies contain user preferences (i.e. language, local branch/store, layout, etc) as well as unique identifiers to track a visitor throughout the website.
Marketpath uses cookies frequently for tracking visitors, online customers and current orders, among other things. Upon my visit to marketpath.com the following visitor id cookie was added:
MPVisitorID=ed9f81ea-1d2d-451c-bc4f-f7352ed63ed9
MPVisitorID is the name of the cookie and the long ugly alpha-numeric string is the ID.
Since cookies are just bits of text they cannot be executed like a virus and are not considered to be a virus. But they can present other challenges by transmitting personal information in plain text if the connection is not encrypted.
As is our standard practice, we never store or transmit personal information via cookies. The id shown above is a unique identifier that contains no information outside our system. It is the same as your library giving you an account number of "1232154". Outside of the library's internal database "1232154" means nothing.
Most websites share the same practices because nobody wants to be cited for privacy issues. There are poor developers out there, though, that unknowingly choose to store personal information in cookies which can lead to those cookies being readable by others. Any plain text sent to and from your computer can be intercepted by anyone on the Internet with the tools and know-how.
But most browsers warn you if you are at risk of passing personal information, so you should pay attention to this and let website vendors know if you see these messages. Website developers don't often test for every possible combination of pages, products, and results which may lead to an occasional misidentification of security issues. As long as developers don't store personal information in cookies and only pass that information in secure page requests, you will be ok.
Cookies are also only limited to the domain of the request. If you browse to marketpath.com/home any cookies created or retrieved from that request are limited in scope to marketpath.com. We cannot ask for cookies stored from google.com because the browsers (at least the big dogs - IE, Chrome, Firefox, and Safari) will not allow it. If you're still using Mosaic then you're on your own!
Third party cookies are cookies created by outside domains, often ad services such as Google, Bing, or Yahoo, but used on your website. These cookies help the ad services recognize the ads you've seen and potentially personalize the ads displayed based on your browsing habits. These adhere to the same safety concerns as regular cookies but aren't controlled by the website including them.
​Here are several sites where you can learn more about cookies.
http://en.wikipedia.org/wiki/HTTP_cookie
http://www.microsoft.com/info/cookies.mspx
http://support.mozilla.com/en-US/kb/Cookies
http://www.allaboutcookies.org/
Although cookies are a fairly simple technology, you may have some questions about them. If so, please post your question(s) in the comment area below.
