Help with question about web page access

From: Ashley Carder <wacarder_at_usit.net>
Date: Tue Aug 17 22:38:09 2004

> -----Original Message-----
> From: cctalk-bounces_at_classiccmp.org
> [mailto:cctalk-bounces_at_classiccmp.org]On Behalf Of Jerome H. Fine
> Sent: Tuesday, August 17, 2004 10:18 PM
> To: General Discussion: On-Topic and Off-Topic Posts
> Subject: Re: Help with question about web page access
>
>
> >Ashley Carder wrote:
>
> > Cookies can be used to maintain information about a user one THEIR
> > computer. This way the user does not have to re-enter the same
> > information each time they visit a web site. For example, I use cookies
> > on some of my personal sites so that a user can tell me his/her
> name when
> > they first visit, then I drop a cookie on their system that
> contains their
> > name and they never have to enter it again. On subsequent visits I just
> > read for the cookie rather than asking them for their name again. I use
> > this to identify a particular user on some sites where I like
> to know who
> > visits, but where the site's not sensitive enough to implement a user id
> > and password login process. This works fine in a "non-public" computer
> > environment.

The above was just one example of a way to use cookies. There are *MANY*
other ways that they are used.

> Jerome Fine replies:
>
> Since I MUST always login with the userid / password (which is
> the only data that stays the same), that can't be the use made of
> cookies in this case. PLUS, I also did login from another system
> (ONLY once) and accessed the account records after ONLY
> the userid / password was supplied.

Cookies are used for lots of other things, such as storing other
session data rather than passing it from page to page via query
strings in the URL.

> Could cookies have anything to do with what Netscape calls a
> secure environment? The "LOCK" icon is "CLOSED" in the
> lock position after start the login sequence.

Nah, that's for https:, which uses port 443 and encrypts and
decrypts data as it travels back and forth between the server
and the client.

> In any case, cookies are REQUIRED and are used, though
> I have no idea for what purpose! Can anyone who has used
> cookies suggest a good reason for their use?

They're basically used to place a small piece of data on the user's
computer so that it can be retrieved later, possibly during the
same session or perhaps on subsequent visits to the site. They
can last only for the duration of the current web session, or can
be set to have an expiration date some time in the future. You
can delete them yourself if you the folders to look in.

Lots of people seem to be scared of cookies, but IMO they're harmless.
They just contain a little piece of data that can be written and
retrieved by the web site during the current session or in the
future. They have a multitude of uses.

> As for the environment, I would have to describe it as PUBLIC
> since I suspect that I could login from anywhere in the world. Since
> the ONLY things that can be done are to make sure that the expected
> account entries are present PLUS I can transfer funds between
> 2 accounts, there doesn't (at least in my mind) seem to be a possible
> way for anyone who might break the userid / password to steal any
> funds - any actual withdrawal of funds MUST be done in person at
> the bank. I even disabled (cut off the bottom half with the magnetic
> stripe) the bank card, so I authorize withdrawals the old fashioned way -
> I give the bank my signature on a piece of paper!
>
> Sincerely yours,
>
> Jerome Fine
> --
> If you attempted to send a reply and the original e-mail
> address has been discontinued due a high volume of junk
> e-mail, then the semi-permanent e-mail address can be
> obtained by replacing the four characters preceding the
> 'at' with the four digits of the current year.
>
>
Received on Tue Aug 17 2004 - 22:38:09 BST