Is there a market in reverse engineering cookies in order to present a false identity to a website? Ecommerce sites routinely provide various discounts, and potentially even variable pricing, to individuals based on behavioral analysis. For example, if a site sees you visited six times, browsed, but did not purchase, perhaps they’ll pop up a “$10 off today” coupon.
Update via Mark Ayzenshtat:
This kind of technique would not get very far. Sites that stored, e.g., numArticlesRead=1 inside the cookie could easily ensure that it wasn’t tampered with by adding a message authentication code (HMAC) to the cookie state. Or (more work for the site) they could avoid storing anything in the cookie beyond a randomly generated user ID and track the interesting parts (like how many articles you’ve viewed) entirely on the server.