Transcript EDW 647: The Internet

EDW 647: The Internet
Cookies: What is a “cookie”?

Cookie – small chunk of data generated by a
Web server and stored in a text file on your
computer
A cookie is created by a Web server and
stored on your computer’s hard disk
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
24
EDW 647: The Internet
What is a “cookie”?

Web sites use cookies to:

Track your path through a site to keep track of the pages you viewed or the items you
purchased

Provide information that allows the Web site to present you with ad banners targeted to
products you previously purchased at that Web site

Collect personal information you type into a Web page form and retain any personal
information that you type into a Web page form
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
25
EDW 647: The Internet
Why do Web sites use cookies?

You are on your favorite online music store

You search for your favorite band, new music, listen to sample tracks

Altogether you may have viewed 2- Web pages

Each time you connect to a different page, the server regards it as a new visit

Cookies allow the music site’s server to identify you so that your request won’t be
mixed up with other thousands of people visiting the same online music store

Cookies also enables the server to keep track of your activity and compile a list of
your purchases
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
How do cookies work?
your browser connects to a site that uses cookies
browser
the server sends a “set-cookie” HTTP message
server
the cookie is saved by your browser onto your
computer’s hard disk

the cookie message can include a:







customer number
shopping cart number
part number
other data
expiration date
domain name of the host that created the cookie
a server that creates a cookie can request it the next time you connect to one its Web
pages
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
Are cookies safe and private?

Cookies are a relatively safe technology

Data, not computer program

cannot executed to activate worms or viruses

Can only be accessed by site that created it

Contain only information you disclose while using the site




a cookie cannot rummage through your hard drive to find passwords
BUT if you enter your credit card number during an online purchase it is possible for the cookie to
store that number – same with SSN
most reputable Web sites do not store such sensitive information
Uses a customer account generated number instead of your name

your name is not associated with your cookies unless you entered it into a form, which is then
transferred to a cookie
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
26
EDW 647: The Internet
Does my computer have to accept cookies?
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
27
EDW 647: The Internet
How long do cookies stay on my computer?


A Web programmer can program cookie to “time out”
You can delete the cookies


Firefox uses Cookies.txt or Magiccookie
IE stores each in a separate file
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
28
EDW 647: The Internet
Online Shopping
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
Shopping Carts: What’s an online shopping cart?

Shopping cart – cyberspace version of the good old metal cart that you wheel around
a store and fill up with merchandise

Shopper browses Web site, and then adds products using a “Buy” or “Add to Cart”
button

Uses cookies to store information about your activities on Web site
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
Shopping Carts: What’s an online shopping cart?

Add to Cart


View Cart


When you check out, the server asks your browser for all the cookie data that pertains to
your chopping cart items
Cookies


when you click the “Add to Cart” button, the merchant’s server sends a message to your
browser to add that item number (or ID number) to your cookie, which is them stored on your
computer
Your browser sends those cookies along with a request for an order summary
Web Server

The Web server uses the cookies to produce a Web page listing the items you want to
purchase
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
Is it safe to shop online?




spyware is any technology that surreptitiously gathers information
In the context of the Web and e-commerce, spyware secretly gathers information and
relays it to advertisers or other interested parties
Web marketers use several spyware techniques, including ad-serving cookies and
clear GIFs
Ad-serving cookies




if you click an ad, this 3rd party can create an ad-serving cookie and use it to track your
activities at any site containing banner ads from that third party
They claim that it is to simply serve you better targeted advertising
but privacy advocates worry that shopper profiles are compiled, sold, and used for
unauthorized purposes
Clear GIFs





typically 1x1 pixel graphic on a Web page
can be used to set cookies to a 3rd party Web site
You don’t even have to click a banner ad to receive the GIF-activated cookie
simply viewing the page that contains a clear GIF sets the cookie
Cookies created with clear GIFs have the same uses and potential for misuse as ad-serving
cookies

ad-blocker software and anti-spyware are designed to block ad-serving cookies, clear GIFs, and
other spyware – some even block banner and pop-up adverts altogether – these are becoming
increasingly popular products, despite their tendency to slightly slow your browser’s response time
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
Can credit cards be intercepted?

Can credit card numbers be intercepted while traveling over the Internet?

YES

A packet sniffer (protocol analyzer) is a computer program that reads (sniffs) data
packets as they travel over networks




most devices read only packets addressed to them, but packet sniffers read packets
addressed to other devices
good for network administrators who have a legitimate need to observe/ open packets to
their network
dangerous for hackers
Ethereal is a well-known packet sniffer software
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology
EDW 647: The Internet
Transaction Privacy & Security

To protect your data from packet-sniffing data, you should engage in electronic
transactions only over secure connection

A secure connection encrypts the data flowing between your computer and the Web
server

Even if a hacker can access packets containing your payment data, it is of little use if
the data is cannot be decrypted

Technologies that create secure connections include SSL and HTTPS
Dr. Roger Webster & Dr. Nazli Mollah
Adapted from Computer Concepts, New
Perspectives, Thompson Course Technology