All geek questions in one place

Is there a lot of movement against cookies?

I'm not sure if this belongs to StackOverflow or ServerFault, so I chose SO for the first time.

A few years ago there was a very notable discussion about the misuse of HTTP cookies, which led to various cookie filtering filters and, ultimately, to active cookie filtering in browsers such as Firefox and Opera. Even now, Google admits that currently about 7% of end users will decline their tracking cookies, which is actually quite a lot.

I still vett all cookies that are set in my browser. I have years. I personally do not know others who do this, but he gave me some interesting information about web tracking. For example, there are many more sites using Google Analytics than there were two years ago. And there are still sites (extremely few, fortunately) that do not work well if you do not allow them to set cookies. But advertisers, in particular, still set cookies to track your path over the Internet.

So, is there most of the movement against cookies? Has anyone tried to get Google to the task of setting so much using Google Analytics? Is anyone trying to tarnish sites like Ebay and PayPal that use a tricky cookie for the site so you can log in?

Or am I doing too much dumb little problem?

+4
source share
6 answers

I am also one of the holders that do not automatically accept cookies. I really appreciate sites that need less, and I will most likely return to these sites and allow cookies from them in the future.

However, I think that being careful about cookies is not (rationally) worth the effort. (In other words, I expect that I will continue to do what I do because it makes me feel better, although I have no evidence of commensurate material benefits.)

0
source

These days, there are other ways to block these troubles. The Rick752 EasyList contains an EasyPrivacy list that blocks most of them without any work other than adding a subscription once to Adblock Plus . NoScript can (with a small configuration, basically deleting some erroneous entries in the white list by default) easily block those that depend on JavaScript.

However, I configured my browser to delete all cookies on logout. Then they can track you only for the entire session, which will be short if you usually donโ€™t forget the browser for a long time (or use the save / restore session all the time).

If you use Flash, you know that it also has some kind of cookies, and the interface for managing them is most likely worse than your browser.

+3
source

There are always people who misunderstand cookies - on both sides. Ultimatey, it is up to browsers to correctly identify sites for cookies. As long as the site is installed correctly, and a browser that respects this is simply not a big problem. I think that with the increasing use of web tools that take care of software details (and, better, slightly more secure browsers), this is not a big problem for end users.

In addition, the proliferation of DHTML and XML-based partial page loading mechanisms (as well as databases and similar), the need to track session between stateless pages is now reduced. Your web application can very easily save state without the need for cookies, and this may well be partially due to the number of [altogether misinformed] end users who have blocked all cookies.

In short: "IMHO, no."

+1
source

I refused both the user and the developer.

As a user, the convenience of staying on sites is too tempting; the pain of some sites is not too annoying. And I'm not so sensitive to my privacy, so I stopped caring and set all the cookies out.

As a developer, I always try to be as RESTful as possible, but I donโ€™t know of any decent way to handle authentication without cookies. HTTP Basic Auth is too broken, I can't read HTTPS all the time, and distorting URLs are painful and inefficient. What remains is form-based authentication using cookies. Thus, there is one cookie in my applications - I donโ€™t need it anymore, but by itself it requires the user to have cookies if they want to authenticate. OpenID and other federated identity services might fix this one day, but right now I can't rely on any of them.

+1
source

My biggest annoyance with cookies is that I want to block Google Analytics cookies, but at the same time I need to log in to analytics to manage some customer sites. As far as I can tell, this is the same cookie (in fact, it can be the same cookie in all google services).

I really don't trust the Google cookie. They were apparently one of the first large companies to set a cookie expiration date to 2038 (maximum), and their business model is almost entirely based on advertising (targeted advertising). I suspect that they know more about everyday online activities and the interests of people than any other government or organization on the planet.

Not to say that all this is evil or something else, but in fact there is a lot of trust to get one essence. They may claim that they are all anonymous, but I am sure that the claim will be difficult to verify. In any case, there is no guarantee that this data will not be stolen, legally acquired or otherwise used for some future purposes for other purposes.

It is possible that one day such profiling can be used to orient people to more serious things than to advertising. How difficult it would be for some future Hitler to establish IP addresses, bank accounts, schools, employers, club memberships, etc. Any arbitrary class for imprisonment or worse?

So, I reply that this is not a small problem, and history has taught us many times what can happen when you begin to classify and track people. Cookies are not the only means, but they are certainly part of the problem, and I recommend blocking them and clearing them at every convenient opportunity.

+1
source

From time to time I clear all my cookies. Itโ€™s a pain when I need to go back to the sites again (or set the settings), but itโ€™s also a good test as to whether I or my browser can remember the login information.

0
source

Source: https://habr.com/ru/post/1286443/

More articles:


All Articles