If you want to do any client tracking or data retrieval, one of the best ways to do this is with persistent HTTP cookies.
There is a lot of fear on the Internet that cookies will damage your hard drive, copy your data, and reveal your secret super hero identity. However, this is really not true. According to the CIAC, "[the] vulnerability of systems to damage or snooping by using Web browser cookies is essentially nonexistent."
In fact, the vulnerability is more in what information you give to the Web site, than what they can take. If you fill out a form on a Web site, and give them your name, address, and phone number, they could conceivably store that information in a cookie to retrieve the next time you came to that site. But this is very unlikely. They are more likely to give you a unique ID that is stored in a cookie, and relate that to a database entry with your name, address, and phone number.
What are cookies?
Cookies are, according to Netscape, "a general mechanism which server side connections (such as CGI scripts) can use to both store and retrieve information on the client side of the connection."
But what does that mean?
Basically, it comes down to the way that Web pages are built from the server to the browser. Every time you create a new page, the server starts the page from scratch, losing all information that may have been gathered from a previous page. When you fill in a form, the server takes your entries and interprets them based on the CGI to present you with the next page. However, if you then need to go to a third page, the information gathered on the first page is lost to the server, unless it is saved in some fashion.
The most common method to save information is in hidden fields. These are passed to the server along with all the other form entries. But hidden fields require that you always stay within the CGI so that they aren't lost.
Then along came cookies. Cookies gave Web developers the ability to save information from forms onto the client machine. Since you are filling out the form or buying the merchandise, storing the information you provide on your machine seemed a good solution. It is more secure than hidden fields, and it allows you to go anywhere on a Web site and not lose the information.
Most cookies are set once and then go away when you turn off your browser. The other type of cookie, the persistent cookie, is set once and remains on your hard drive until either your space for cookies is full (there is a limited amount) or the time stamp on it expires.
Cookie Security
The easiest way to secure yourself against the supposed dangers of cookies is to get one of the latest browser versions and turn cookies off. You have three options in Netscape Communicator, to accept all cookies, accept only cookies from the same server, or deny all cookies. You can also have Netscape alert you when you are prompted for a cookie so that you can accept or decline it.
