Before getting on to the proper deep discussion on this topic there is a need to explain what exactly a website cookie is.
As the Internet (HTTP to be specific) was designed to be stateless initially, a website cookie is simply a short length unique text that websites put inside your computer for the purpose that you can use that site more conveniently.
In that case, why does a website ask for cookies? It starts with recent privacy laws, such as GDPR in Europe, that require companies to seek users' consent before collecting and using their information. Cookies have actually been used all along to track user and it was only when such laws were imposed, companies start to seek users' permission.
An example of information is a website cookie that remembers your geographic location to provide you relevant movie or traffic information near you. Cookies have also the ability to customize the banners for ads, keep track of the items in your cart, remember your username and password for the websites.
There are different kinds of cookies
One is a temporary cookie which is deleted when you log off your browser and used just to help you in that single session. While on the other hand the saved cookies stay inside your PC and assist you the next time when you are accessing that site. Sometimes staying in your browser for more than a year before expiring.
A user is required to be conservative and selective about sites that he or she is going to allowed to give a cookie. For your information, these cookies are not threatening like viruses or malware. But yet, you may feel for example that the browser is tracking your visits to a specific set of websites or keeping them remember your login information. But that is a totally personal decision for the user to make on a site by site basis.
You can easily control how you treat with these cookies regarding your internet browser security setups. If you block all the cookies that would probably limit the quality of your internet browsing experience. The better option if you are concerned is to set your browser to ask every time your permission before accepting a website's cookie. And obviously, only accept cookies from the websites you already trust and not third-party cookies.
There are also some cases where you will not be able to access a website if you do not allow that website to provide cookies.
A cookie is written usually when you are loading a new website. An example is when a submit button has been pressed, the page that is handling the data would be responsible for determining the values inside a cookie. The write operation will only fail upon the event if the user has chosen to reject or disable cookies on his or her browser. Some websites which heavily rely on the cookie will show an option that it has to take a default action or it would most probably prompt the user to enter the information again for that it should have been stored in the cookie.
Who can access the cookies in your browser?
Now here comes the part that you learn about who exactly can access the cookies in your browser. By setting its root domain it is possible to control its visibility by when a cookie is created. After that, it would be accessible to other URL that belongs to that same root. To easy explanation, if the route is set to what are cookies.com, then the cookie would be for the available sites are www.whatarecookies.com or xyz.whatarecookies.com, etc. this is used to allowed related pages help each other by communicating through common grounds. Of course, an IT person with physical access to your computer can also export your cookie files.
How secure our cookies exactly?
The Internet is now all about the privacy and security policy and procedures. Cookies are necessary and presented as a risk to privacy. Nevertheless, cookies only contain information which the user has given to the website. However, It is possible that all this information may be made available to some of the previously specified third party websites. This is just something that the user has to compromise for a better internet experience.
Commercial websites might add some advertising material which is usually brought in from third party website and the fact is that it is very much possible for such advertisements to install a cookie for that third party website. The type of information usually includes the name of the website particular products that are being viewed recently visited pages etc. When the user on a later time visit some other website which contains the same looking embedded advertisement for the same third party, the advertiser will then be able to read the cookie information and also has the ability to use that information in determining something about the users' browser history. This fact usually enables the advertisement publishers to serve their advertisement at a targeted set of people.
Suppose if you browsed a website that is selling camping equipment, and it starts showing you some advertisements regarding safety products for being in the forest or in country areas. Look carefully that these two events are interconnected.
If you are looking for camping equipment, the advertiser might think that there is an 80% chance that you are going to some forest or hill tracks. Definitely, those are places where you may face some security issued situation. The cookie that you used on some previous websites and also on the current one, would be provided to that third party website which is showing you the ads for self-defense products. That is how the advertisers set their target on the people that they have a possibility to show interest if their ad is shown.