Slashdot Mirror
Death of Cookies, Spyware Greatly Exaggerated?
securitas writes "The New York Times' Bob Tedeschi interviews several Internet marketing leaders who debate recent reports that Internet users are deleting cookies en masse and causing serious problems for advertisers. Among the interviewed is Eric Peterson, co-author of the Jupiter Research report that claims 39 percent of Internet users delete cookies. Slashdot has recently had stories about this supposed trend in June and July. A shorter version of the article at IHT. Who is telling the truth and who is deleting cookies? Are you?"
The "Allow Cookies For Session", along with the Allow Persistent Cookie Exceptions in Firefox solve all my problems. Along with AdBlock and BugMeNot.
I guess that makes me a bad person.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
Mozilla/Firefox can. Just tell it to set all cookies as session cookies.
The Tao of math: The numbers you can count are not the real numbers.
Many many helpdesk employees at ISP's tell users to delete cookies. I worked helpdesk for awhile about 4 years ago and back then although sometimes it did help it was mostly snake oil. Some help desk employees at a large ISP did little else besides tell people to delete cookies and reboot. Regardless of whether it works or not the users have learned to do it on their own. A lot of calls these days will start with "I deleted my cookies already but it still doesn't work.."
Sigs are awesome huh?
Permit Cookies is the best extension for Firefox yet. http://mfe.gorgias.de/
Yeah... The same worry-free experience while still allowing cookies where you want them can be set up in Firefox like this:
:-/
To allow new cookies
(when visiting new forums, etc)
- Allow sites to set cookies = on
- Keep cookies = ask me every time (when asked, obviously don't accept the ad cookies, to 99% easily identifiable)
To allow modifications to cookies earlier allowed to be set, and block the rest
(the by far most common and dialog-free setting)
- Allow sites to set cookies = off
^--- This configuration works, because that setting does not disable cookie usage to 100%, but still keep cookies you've allowed before to be both read and modified. You can review which those are later via "View Cookies". I always thought Firefox documented this behavior poorly in the dialog.
If something slipped in by you allowing too much, simply remove the cookies from the whitelist at "View Cookies" in Firefox. Cookies either not listed, or listed as "block" will be blocked by Firefox with "allow sites to set cookies = off", and the others listed as "allow" will always be allowed despite this setting.
Beware: In C++, your friends can see your privates!
What's always left out in these discussions is the differentiation between good cookies and tracking cookies (especially long-lasting session ids). See also cookies(5). Lack of user education and bayesian cookie filters in browsers IMO.
Cookies aren't evil. They are just misused, and misunderstood.
There's nothing wrong with using cookies to prevent me from having to logon to Slashdot 10 times a day. And there is nothing wrong with cookies telling Amazon.com that people who buy Movie X also like to buy Book Y. That is useful anonymous marketing information. I actually LIKE it when Amazon recommends things to me, because they are usually right!
The problem is when the cookie stays around for days and you never get a login prompt: that's a security problem. Or when marketers build long-term profiles on you, then try to grab identifying information from other sites you use.
I have Mozilla set to delete cookies every day, which seems to be the best balance. (Firefox unfortunately does not have this option).
Out of the box ... Firefox has really poor cookie management. I have it set to prompt, but once I deny a site permission and realize I want to do business with them it takes many mouseclicks and a lot of stupid scrollbar searching to hunt down the cookieblock and delete it.
Yeah, what's up with this? Mozilla actually has a tools->cookies menu that lets you quickly block or unblock cookies from a site. Why doesn't firefox?
The TV doesn't "send anything back", the tuner knows which channel you're tuned to. That signal strength can be detected on the provider's end. Call your analog cable provider and ask them (btw: there is no such thing as "analog" cable, its digital up to the point where your analog converter takes care of it, again, call your cable provider and ask).
well... durr... that's what session cookies are for... doesn't ie support them then??? who really cares, Konq and Firefox do... and that means I'm happy ;)
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
Here's what I do.
/. so I don't have to log in everytime.
Get Firefox to turn ALL cookies into session cookies by deleting them "when I close Firefox" in options.
Then make exceptions for the sites you want to track you. I do this for
From the article;
This anticookie fervor also hurts the deleters, she says. For example, cookies help a computer limit how many times the user is exposed to annoying ads like a floating, animated message. Since when should you trust a site not to annoy you with ads, block popups and use Adblock and Flashblock.
"...So cookies are a really good thing for managing the user's experience," she said." If this was true, we'd all be installing adware on our computers to deliver 'interesting relevant and targetted' advertising to enrich our web experiences wouldn't we? Bah!
increasintly, if you don't have cookies, holding a session is impossible (unique id's on the getline are going the way of the dodo) and, increasingly, sites want you to maintain sessions to do anything useful.
t tacks
For session tracking, cookies are now the standard, but there are other security precautions that can only accomplished by including a unique ID in every form.
Go read up about "session riding" or "cross-site request forgery". For example:
http://shiflett.org/articles/foiling-cross-site-a
See the code sample near the end of the page, under "Force the use of your own HTML forms".
where there's fish, there's cats
They can tell if you have something hooked up, but they can't tell what channel you are tuned to. And there is most certainly analog cable. Digital cable encodes discrete packets of numerical data into MPEG frames. Analog cable doesn't require any such digital processing to be displayed.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
Cookies aren't the only thing that advertisers use to keep track of you. Don't forget about web bugs - basically, any static image (often only 1 pixel in size, but it can be any size) can be used to keep track of you. Since your browser caches images, web servers can assign a unique modification date for each visitor. When your browser visits a site it has already visited, it will ask for the web bug image, and in the request, your browser will say "give me this image if its modification date is later than [a unique specified time]." That's when the server says, "Welcome back, Fred." The trick to foiling this? Don't use a cache. You really don't need one if you have broadband.
And here's some Cookies to Love
INGREDIENTS:
* 4 1/2 cups all-purpose flour
* 2 teaspoons baking soda
* 2 cups butter, softened
* 1 1/2 cups packed brown sugar
* 1/2 cup white sugar
* 2 (3.4 ounce) packages instant vanilla pudding mix
* 4 eggs
* 2 teaspoons vanilla extract
* 4 cups semisweet chocolate chips
* 2 cups chopped walnuts (optional)
Bake at 375F for 10-12 minutes
But then you are depending on those with money to share content. I worked with a site for a video game mod last year. Great site, no adds, wonderful content (and mod files sizes in the magnitude of Megs). Worked off of donations, a few bucks here, a few bucks there would cover the bandwidth needs. After a while, the site's popularity grew, some links from other very popular sites to this site drove the bandwidth and server load through the roof. The site admin bumped the server to a tougher server, which could handle it, and eventually the guy running the site had to pay for a much higher end hosting solution and bandwidth. That shot his relatively low bandwidth bill to way beyond that of what a part time pet project could justify. He started enforcing free registration, and added google adds, which helped, but the cost of thousands apon thousands of users downloading multiple files from 1 meg to 50 megs was extremely costly, even with 3 mirrors. He added more advertising to help cover the cost. And the site is still up today.
Acording to your point of view, he should not have taken any advertising, because it would push people away from his site, but had he not taken any advertisment, his site would be perpetually unreachable until no one visted it due to it's instability.
Advertising, whether you like it or not, is what allows people with limited budgets to maintain high bandwidth publications.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs