Prentice Hall and Sun Microsystems. Personal use only; do not redistribute.


8.2 Some Problems with Cookies


181


Focusing Advertising


Most advertiser funded Web sites charge their advertisers much more for


displaying  directed  ads than  random  ads. Advertisers are generally willing


to pay much more to have their ads shown to people that are known to have


some interest in the general product category. For example, if you go to a


search engine and do a search on  Java Servlets,  the search site can charge


an advertiser much more for showing you an ad for a servlet development


environment than for an ad for an on line travel agent specializing in Indone 


sia. On the other hand, if the search had been for  Java Hotels,  the situation


would be reversed. Without cookies, the sites have to show a random ad


when you first arrive and haven't yet performed a search, as well as when you


search on something that doesn't match any ad categories. Cookies let them


remember  Oh, that's the person who was searching for such and such previ 


ously  and display an appropriate (read  high priced ) ad instead of a random


(read  cheap ) one. 


8.2 Some Problems with Cookies


Providing convenience to the user and added value to the site owner is the


purpose behind cookies. And despite much misinformation, cookies are not a


serious security threat. Cookies are never interpreted or executed in any way


and thus cannot be used to insert viruses or attack your system. Furthermore,


since browsers generally only accept 20 cookies per site and 300 cookies total


and since each cookie can be limited to 4 kilobytes, cookies cannot be used to


fill up someone's disk or launch other denial of service attacks. 


However, even though cookies don't present a serious security threat, they


can present a significant threat to privacy. First, some people don't like the


fact that search engines can remember that they're the user who usually does


searches on certain topics. For example, they might search for job openings


or sensitive health data and don't want some banner ad tipping off their


coworkers next time they do a search. Even worse, two sites can share data on


a user by each loading small images off the same third party site, where that


third party uses cookies and shares the data with both original sites.


(Netscape, however, provides a nice feature that lets you refuse cookies from


sites other than that to which you connected, but without disabling cookies


altogether.) This trick of associating cookies with images can even be


exploited via e mail if you use an HTML enabled e mail reader that  sup 


Second edition of this book: www.coreservlets.com; Sequel: www.moreservlets.com.


Servlet and JSP training courses by book's author: courses.coreservlets.com.








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      jsp web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Jsp Web Hosting
Cheapest Web Hosting


Visionwebhosting.net Business web hosting division of Web 
Design Plus. All rights reserved