-----Original Message-----
From: cctalk-bounces(a)classiccmp.org
[mailto:cctalk-bounces@classiccmp.org]On Behalf Of Jerome H. Fine
Sent: Tuesday, August 17, 2004 10:18 PM
To: General Discussion: On-Topic and Off-Topic Posts
Subject: Re: Help with question about web page access
Ashley Carder wrote:
Cookies can be used to maintain information about
a user one THEIR
computer. This way the user does not have to re-enter the same
information each time they visit a web site. For example, I use cookies
on some of my personal sites so that a user can tell me his/her
name when
they first visit, then I drop a cookie on their
system that
contains their
name and they never have to enter it again. On
subsequent visits I just
read for the cookie rather than asking them for their name again. I use
this to identify a particular user on some sites where I like
to know who
> visits, but where the site's not sensitive enough to implement a user id
> and password login process. This works fine in a "non-public" computer
> environment.
The above was just one example of a way to use cookies. There are *MANY*
other ways that they are used.
Jerome Fine replies:
Since I MUST always login with the userid / password (which is
the only data that stays the same), that can't be the use made of
cookies in this case. PLUS, I also did login from another system
(ONLY once) and accessed the account records after ONLY
the userid / password was supplied.
Cookies are used for lots of other things, such as storing other
session data rather than passing it from page to page via query
strings in the URL.
Could cookies have anything to do with what Netscape
calls a
secure environment? The "LOCK" icon is "CLOSED" in the
lock position after start the login sequence.
Nah, that's for https:, which uses port 443 and encrypts and
decrypts data as it travels back and forth between the server
and the client.
In any case, cookies are REQUIRED and are used,
though
I have no idea for what purpose! Can anyone who has used
cookies suggest a good reason for their use?
They're basically used to place a small piece of data on the user's
computer so that it can be retrieved later, possibly during the
same session or perhaps on subsequent visits to the site. They
can last only for the duration of the current web session, or can
be set to have an expiration date some time in the future. You
can delete them yourself if you the folders to look in.
Lots of people seem to be scared of cookies, but IMO they're harmless.
They just contain a little piece of data that can be written and
retrieved by the web site during the current session or in the
future. They have a multitude of uses.
As for the environment, I would have to describe it as
PUBLIC
since I suspect that I could login from anywhere in the world. Since
the ONLY things that can be done are to make sure that the expected
account entries are present PLUS I can transfer funds between
2 accounts, there doesn't (at least in my mind) seem to be a possible
way for anyone who might break the userid / password to steal any
funds - any actual withdrawal of funds MUST be done in person at
the bank. I even disabled (cut off the bottom half with the magnetic
stripe) the bank card, so I authorize withdrawals the old fashioned way -
I give the bank my signature on a piece of paper!
Sincerely yours,
Jerome Fine
--
If you attempted to send a reply and the original e-mail
address has been discontinued due a high volume of junk
e-mail, then the semi-permanent e-mail address can be
obtained by replacing the four characters preceding the
'at' with the four digits of the current year.