Cookies come in several different flavours, and can be stored for a period determined by the creator of the cookie. This can range from days to several years.
Ones with an expiry date are "persistent cookies"; but "session cookies" don't contain an expiry date and only hang around for one browsing session.
Some cookies are "secure" - they won't be sent back to the server that created them unless there is a secure connection through using a specific security protocol.
Whatever the flavour of cookie, it's stored by your browser on your hard drive. On a Mac, Netscape bundles them all together as one file called MagicCookie, stored in the "System Folder/Preferences/ Netscape" folder. On a PC, they used to be all in one file called cookies.txt, but now each cookie has its own file, kept in the "C:Windows/Cookies" subdirectory.
A cookie looks like cryptic garbage along the following lines:
.hotbot.com TRUE/FALSE 937396800 inkIU 0Tesgs794D7608686918AC281
A cookie is always associated with a specific domain. In this example, it records visits to the Hotbot search engine (the domain www.hotbot.com). The rest of the information-string could include anything from items in your shopping trolley (at an online catalogue) to a username and password (on a "members only" site). When your browser has more cookies than it can handle (the cookie jar is full, as it were), it starts to delete the older ones.
If all this invisible activity makes you feel uncomfortable, here are a few steps you might take:
Dump them.
The beginning of the cookie file gives a warning on the lines of "Tampering with me could cause problems!". But if you delete the entire file, no major damage is done. The only hassle is that when you revisit a site that uses cookies, it'll have to put a new cookie file on your drive - and you may notice that the site no longer "knows" you've been there before.
Turn on your browser's "Always confirm before setting a cookie" feature.
The latest browsers have an option in their preferences to warn you whenever a server tries to plant cookie. In Navigator, the alert option is in the Options menu (go to Network Preferences and click the Protocols tab). In Explorer, click Preferences, and in the Advanced option set the Cookies warning level to the one you require. Nowadays cookies are so popular - some sites even contain several cookies on each page - that having to confirm each and every one you receive can quickly become very tiresome. Some sites will force you to press "No" repeatedly, because they'll attempt to place up to a dozen cookies on your hard drive!
Stop cookies altogether.
You can force most browsers to refuse all cookies with one neat trick - make the file where your browser stores its cookies non-readable (check your computer's manual or onscreen help to find out how to lock a file). Then when you quit the browser, it erases the cache of session cookies instead of saving them. There are many ways to defeat cookies, but blocking or refusing them can make your visit to some sites slower and clumsier - particularly if they are being used to perform various functions (such as shopping trolleys).
Get a cookie manager.
Several "anti-cookie" programs (and AppleScripts) allow you to manage, observe and delete cookies on a more selective basis. These include NSClean (see http:// www.webtronix.co.uk/nsc.htm), and Cookie Cutter from PGP Inc (http://www.pgp.com/products/) - though PGP has temporarily withdrawn version 1.5 from circulation for a week or two. Besides removing existing cookies, some of these programs let you set their expiration dates, tally the number of cookies a server attempts to impose etc.
Spoof!
Tom Harrington went one further with Cookie's Revenge, his free AppleScript that opens your cookie file and replaces the data with bogus information. Superficially it looks like all the data is intact, but the information has been scrambled and rendered useless. Sites will think that they're monitoring you when they're really only tracking random data. Download it from ftp:/ /src.doc.ic.ac.uk/packages/info-mac/comm/inet/web/ntscp/cookies-reveng e.hqx
Some cookie myths
1 Cookies can't tell The Irish Times that you've been cheating on it by reading another newspaper online. Web browsers keep the cookies from one site hidden from all other sites' gaze.
2 Cookies cannot contain viruses. They are text data rather than executable files. In this context there are much more worrying loopholes on the Net than cookies.
3 Cookies identify the computer, not the user. So if you use more than one computer for Web access, you might have a helpful cookie sitting on one computer and not on the other.