Client Side, Server Side, Dark Side
- Jackass Design Inc
We're sorry, but this website requires you to enable cookies in your browser.
- Dodo Webmedia LLC
If something bad is going to happen to your computer, it will happen because bad code executed on it. If all your browser can do is read HTML formatted text, nothing can happen.
Cookies represent an early attempt at state-controlled web transactions. The technique is simple: when your browser accesses a host it is sent a 'Set-Cookie' directive together with a mumbo-jumbo gobbledegook number expressed as a character string. When your browser next accesses that same host it offers back the same cookie. The server can then know you are you.
Cookies also have domain fields: the host sending the Set-Cookie directive will specify for which domains the cookie value is to be returned. And they have expiry dates too, and they can be marked session-based or persistent.
Before leaving office, Handsome Bill asked websites to stop using persistent cookies - period. Not many webmeisters paid this any heed. Google today are infamous for using persistent cookies - and for setting the expiry date to the maximum value possible with 32-bit Linux: the year 2038.
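The cookie fields described above (value, domain, expiry, session versus persistent) can be read straight out of a `Set-Cookie` header. The following is an added example, not part of the original article: the header strings, host names and the fixed `NOW` date are constructed for illustration, and the `Max-Age` attribute it also handles is not mentioned in the article.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

INT32_MAX = 2**31 - 1  # 2038-01-19 03:14:07 UTC: largest signed 32-bit time value
NOW = datetime(2005, 1, 1, tzinfo=timezone.utc)  # constructed "current" date

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")  # the value itself may contain '='
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def audit(header, request_host, now=NOW):
    """Report where a cookie is sent back and how long the browser keeps it."""
    name, _, attrs = parse_set_cookie(header)
    domain = attrs.get("domain", "").lstrip(".").lower()
    # Without a Domain attribute the cookie returns only to the host that set it.
    scope = f"{domain} and subdomains" if domain else request_host
    if "max-age" in attrs:        # Max-Age takes precedence over Expires (RFC 6265)
        expires = now.timestamp() + int(attrs["max-age"])
    elif "expires" in attrs:
        expires = parsedate_to_datetime(attrs["expires"]).timestamp()
    else:
        expires = None            # no expiry: discarded when the browser closes
    if expires is None:
        kind, days, ceiling = "session", 0, False
    else:
        kind = "persistent" if expires > now.timestamp() else "expired"
        days = int((expires - now.timestamp()) // 86400)
        ceiling = int(expires) >= INT32_MAX
    return {"name": name, "scope": scope, "kind": kind,
            "lifetime_days": days, "at_2038_ceiling": ceiling}

# Constructed sample headers: (host that sent the header, Set-Cookie value)
SAMPLES = [
    ("news.example", "SID=abc123; Path=/"),
    ("www.example.com", "PREF=ID=0123456789abcdef; Domain=.example.com; Path=/; "
                        "Expires=Tue, 19 Jan 2038 03:14:07 GMT"),
    ("ads.example", "track=xyz; Domain=ads.example; Max-Age=31536000"),
]

if __name__ == "__main__":
    for host, header in SAMPLES:
        print(host, audit(header, host))
```

Run over the headers a site actually sends, the `kind`, `lifetime_days` and `scope` fields show at a glance which cookies outlive the session and how widely they are returned.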
Cookies have been misused and abused from day one. Notorious DoubleClick use them to track where you go. More and more media companies require not only authenticated login to read news stories but a cookie so they can see exactly where you go. They're watching you and they're hoping you're sloppy and forget to clean your cookie cache afterwards so they can continue to keep an eye on you.
Tracking statistics can be sold for big bucks to marketing companies. Wherever you go you're noted for who you are and what you like. You're not anonymous, even if they don't have your name, address and phone number - yet.
Sweepstakes offers come in a never-ending stream of spam: once you've enabled cookies, you can sign in for a long-shot chance at perhaps a Mongolian toaster. These sites do ask for your personal information - and once they've got it, they can use the cookie your browser keeps sending back to know exactly where Mrs Myra McNutcase of 123 Winnebago Avenue, Dirt Springs went surfing last week - and the week before that and the week before that.
The wonder of it is that there are websites out there functioning as discussion forums where all people do is exchange information about new sweepstakes to enter. And each time they take the bait, the idiots are further compromised.
And then of course there's always Microsoft. The Redmond Vole tried deliberately to undermine standards by moving their code into proprietary modules so that site visitors wouldn't be able to make web pages work if they weren't running Windows. One hundred nineteen corporations signed the agreement with Sun Microsystems; one hundred eighteen have dutifully been playing by the rules all along. One did not - and it was later revealed they broke the rules deliberately in an attempt to break the standard.
Java applications are true applications: they're platform-independent code and as such can run anywhere and be transported to any destination. And when they arrive they're expected to be able to do the same things as any other applications do.
Isn't it a nice feeling knowing a remote site can at any time decide to deliver a bomb to your computer through your browser - and you might not even be made aware of it?
Code that executes on the server side will never reach your computer. Your browser remains a 'reader' only, picking up the HTML and rendering it on your screen. No code is being executed. When it's text and nothing but text, nothing can harm you: text can't 'execute'. You're safe.
Server side technologies can still establish state-controlled transactions but they do it on their side and not yours. There is nothing stored on your computer. You can see they're not the same because you can access these sites without having cookies turned on and can still authenticate who you are and keep your 'conversation' going.
These webmeisters went back to school and took the time to learn to do things right.
Sometimes a polite but firm letter to those responsible can help.