How do cookies work?

How do cookies work

Have you ever wondered why you see ads from the shops you’ve visited in your Facebook newsfeed? The answer is cookies. No, we’re not talking about baked cookies, but the ones stored on our computers.

You can’t have missed the fuss that Facebook or Google can use cookies to track your activity on the Net. I might surprise you, but that’s not something new. In fact, concerns about the use of cookies can be tracked back to 1996.

But you probably don’t understand why. So, today we’re going to talk about how cookies work and how Internet sites might use them to spy on you. Keep on reading.

How did cookies appear?

Lou Montulli created the cookies among other innovations such as HTTP proxying and bling tag. He worked for Netscape and implemented the cookies first in the Netscape browser. It’s an old browser, which you have never heard of before, probably.

That happened in 1994 and Internet Explorer also started to use cookies in the next year. But what was Montulli goal?

Well, Montulli was also looking for a way to make online shops more efficient. He wanted to avoid storing the shopping cart content on a server because you’d require big servers to keep track of what everyone was buying. Instead, he wanted to keep that information on the buyer’s computers.

The purpose of the cookies was also to identify if users have visited the browser before and as a way for the browser to remember your preferences.

How do cookies work?

Let’s imagine that Montulli never came up with the cookies idea. In such case, we’d have to identify ourselves all the time when visiting sites. I’ll explain it with an example. 

When you log into Facebook, you provide your username and password. Your browser sends that information over to the server, which verifies that you’re who you say you are. As a result, you get access to Facebook.

The problem is that the HTPP protocol, which we use to connect to the Internet, can’t remember you when you make requests. So, once you’ve logged into Facebook and you click on something, the server will ask you to identify again.

Can you image logging constantly on Facebook? Fortunately, you don’t have to do it because we have cookies, which make life easier.

Cookies are not programs, as some of you might have started to believe, misled by other explanations. 

Cookies are small text files, which the servers store on the user’s computer. These text files can’t access other information on your device or interfere in any way in what you’re doing. They contain information - a unique identifier, which helps the server verify that it’s you accessing Facebook, not another user.

But why does the server store the cookie on your device? Well, every time you make a request on Facebook, you submit the cookie along with your request. In this way, Facebook verifies that you’re the right user and doesn’t ask you to log on again.

What’s more, cookies:

  • Help determine how many people have visited the site
  • Allow sites to count old vs. new users
  • Save your preferences
  • Allow sites to implement “quick checkouts”

Of course, cookies can be removed. If you have problems with your browser and you can’t access a certain website, the first advice you get is to clean the cash and delete the cookies.

How can websites use cookies to track activities?

One of the most important rules about cookies is that a cookie created by one site can’t be read by another. In simple words, your Facebook cookie can’t be read by Amazon, for example.

So, if websites can’t read each other cookies how come we see those ads in our newsfeed? And how could someone use cookies to track our online activities?

Let’s say that you’re reading a blog on the Internet. From what we explained so far, the blog can’t access your Facebook cookie, and Facebook doesn’t know that you’ve opened this particular website. And here comes the “but” part.

Most websites nowadays have a “Like” or “Share” button, which allows you to like the article or share it on your Facebook page. So, Facebook’s code is included on the page you’re trying to load. Consequently, your browser has to “talk” to Facebook to display its content.

When it does, it sends the cookies it has already created the first time you logged on Facebook. And as a result, Facebook now knows what you’ve been looking or what products you’ve scrolled through.

And you don’t need to click the button or the ad for Facebook or Google to track you. It happens automatically when you load the page. These cookies are called third-party cookies.

The same method is used by other companies to include a part of their code in a webpage. Facebook is the easiest example because everyone wants his content to be shared or liked and to attract more visitors to the site.

Google is the other major player in this league because many sites have ads that are powered by Google. The same goes for Twitter, Instagram, and YouTube. 

And while cookies are necessary if we don’t want to log constantly into online shops or websites, some sites expose us to too many cookies. For example, visiting LinkedIn exposes you to 28 cookies, while Yahoo allows more than 400.

You can watch this video for more information on how cookies work.

How to protect against unwanted cookies?

There is no denying that cookies are necessary, but you might not to see targeted ads or share so much information with websites. Not to mention that some websites can sell your data to third-parties. So, what can you do in these circumstances? Well, you can:

  • Install a browsing extension to block cookies like Privacy Badger
  • Switch to a different browser. Safari and Brave have built-in protection.
  • Stop using the Internet (just kidding.)

The European Union takes the dangers of cookie tracking very seriously. If you live in the EU, you might have noticed that sites are warning you that they use cookies and that they ask you to confirm what information they are allowed to store. That’s because of the new GDPR laws, which aim to protect personal information.

So, the next time you see the banner asking you choose what cookies can remember about you, you should read through that section carefully. Don’t click “I agree” automatically.

The bottom line is that cookies are small files, which contain verifying information. They exist because no one wants to have to log constantly on websites. However, in the modern era, cookies have turned into a powerful weapon for gathering personal information and building a rich profile of the computer user. So, proceed with caution. 

What do you think on the matter? Did you understand how cookies work? Share what you think about cookies in the comment section.

(Last Updated On: May 25, 2022)
About the author

    Whale Sumo

    Hwang is a self-proclaimed nerd who loves helping people understand complex concepts. He has a passion for crypto and online privacy and enjoys teaching others about the benefits of both. Hwang is an advocate for individual freedom and believes that knowledge is power. When he's not busy sharing his knowledge with the world, Hwang can be found running full marathons or playing video games.