Cookies. Cookies. Cookies. Use our Cookies or else

Perhaps make a distinction from thinking what is convenient versus being, say a Hong Kong protestor.

Let me be clear, I do not support all the things I have heard Hong Kong protestors have done. Many of the protestors were in support of people from Hong Kong (amongst other things) being deported to Mainland China. That is individuals who made Human Rights Complaints against the Chinese Government. Yes, I know the other context to those Protests is what was once promised to Hong Kong residents, they could keep the legal system that was more like the British legal system.

Think like you are one of those Muslims living in China, waiting for your time to enter the camps run by the government.

Many will say, that cookies have nothing to do with the kind of malware which attacks Human Rights. I say, as long as the normal course of the internet means I have things installed on my computer as part of using web Browsers, all of our basic Human Rights are imperiled.

Perhaps some here are already partially protected by using the Pure OS, and its browser.

Lastly, it is not a few well meaning privacy freaks who can change the system. It is the demand of corporations who do not want to pay the costs of paying Google type operations for information. Look at all the money that Google has made from selling information. We are paying for that when we buy products. It is the corporations who have the big money who can persuade the government to limit the spying, advertising that drives the design of web browsers to want to auto-install what might be malware or convenience, and also the spyware of power groups.

Oh, yeah, as a European I’m quite disappointed in our handling of the issue. The problem is not cookies in general, since there’s nothing wrong with e.g. session cookies. The problem is the marketing industry’s overreach. The tech industry comes up with useful mechanisms, and the marketing industry comes in and perverts them for their own use. And what Europe is doing is insufficient to counter this. We always get legislation that annoys us more than the website owners, who simply violate the regulations with impunity, knowing full well that Europe lacks the manpower to actually enforce their online legislation.

So you get what we have today: every website, no matter how innocently it employs cookies, now has to throw up a warning: “WARNING! EVIL ENTITIES KNOWN AS COOKIES AHEAD!”. This casts the false impression that cookies are bad by definition, where it’s only the cross-site tracking cookies that are (and not even all of them). And what’s behind that warning?

• Option A: accept all cookies, including marketing/tracking cookies. This is a one-click deal.
• Option B: opt out of the cookies. This is usually a lot more involved, and sometimes outright mean-spirited: “click here to opt out of all currently known trackers, but know that the list changes on a daily basis and everything you didn’t opt out of today is still fair game tomorrow” is about the worst offender in that regard.

There is also the deceitful language used in a lot of these cookie walls: “Warning, if you don’t accept all cookies, parts of the site might not function properly. Please accept cookies for an optimal surfing experience.” And indeed, they make it so that parts of the site don’t work properly: embedded videos fail to load because you refused the tracking cookie. Social media content referenced in the news article fails to load, again, because you refused the tracking cookie. You don’t need the tracking cookie for that content to display… And it’s perfectly possible to accompany the embedded content with a direct link to the source. But why bother making the site usable without cookies when the whole point is to get you to accept them?

Europe’s heart is in the right place. I just wish its brain were too…

I’m going to do something crazy and get back on topic.

You bring up some good points @purple but they are all to do with Cookies. I’m the person that does read those privacy Policies, Terms of Use and Acceptable Use Policies.

Most Cookie policies will say … “we use cookies and similar technologies…”

I do not think cookies are the real minions of web sites, rather it is the “similar technologies” that strip us of our rights to privacy. That’s not to say ‘cookies’ are little deviants themselves.

~s~

I installed NoScript extension into Firefox, and went to NBC news. I temporarily trusted NBC News webpage, and ended up with over 20 connections. Double click the advertiser, several for google, Face Book, and so on.

I did not click on any, I authorize the use of Cookies.

How many of these little deviants count?

This conversation, to me, is not about Convenience, but about security, the well being of individuals, where governments abuse their own citizens for speaking, writing about the abuses of the nation-states. I use the term “Power Group” as some companies use the power of the state to do the same.

I want to know what the Girl Scouts think of all this.

And should Samoans be installed on the server or the client?

on that note - Libraries require “cookies” too … you have to present your state issued ID card and pay a fee (you pay for it during tax extortion or up-front-on-the-spot)

if you REFUSE then you can simply ADMIRE all the books but you are not given ACCESS …

this is the reason behind it “hold on - we gave him access - if we don’t id him this can come back later and haunt us”. it’s like when Chancellor Palpatine was explaining to Anakin Skywalker why persons of power fear losing their power …

On Palpatine’s portrayal in the film, McDiarmid said, “he’s fairly physically impaired, but his mind is as sharp as ever.”

oh rly ??? …

Hmmmm I was not going to say more on cookies, but sorry I cant resist this, I cant recall the last time a library or library book crashed my PC or stole my private info

is it really stolen if we’ve given consent ? … i used to watch movies at the local library many years ago (on their video-cassette player with my rented films)

the way it worked was usually i had to give up my identity TWICE before i could satisfy my cravings …

the first time when i rented my films at a separate local-store (there weren’t ANY virtual stores at that time …)
the second time - at the local library. where i had to present my membership card that i paid in advance for the whole YEAR and that held information on my school at that time …

not to shabby for that period huh ?

given me a break - we’ve just traded a thing for another …

Good point, BUT I do not give consent willingly, what is consent if you are forced to give consent or you cannot use the site?

you do NOT use the site or if you DO then they reply “it’s your fault for using the web-site” or you arrange with your local community to flood their mail-boxes (electronic or otherwise) with spam about UNJUST POWER coupled with lawsuit after lawsuit … that could take years

most people start to feel FORCE only when it is breathing down their necks … the old “it’s behind me isn’t it ?” horror line …
honestly if you use the add-on Libre-JS or a javascript free web-browser you start to feel that breathing down your neck pretty well but if not then you’re very likely to just surf without a care in the world (i’m talking default browser settings and the average Joe here)

What if we all enable private browsing by default, or use a live session to browse the web, making cookies for tracking increasingly useless?

There is “nothing” wrong about cookies. The fact that they are (ab)used for tracking does not make the concept of having some sort of a session-container bad. All this drama about this one small thing while everyone is using closed-source apps on their phones/computers which can do WAY more then any site can do with tracking cookies… If most of us would disable cookies then we will see a shift to the more obscure things like E-Tag headers etc… What we need is not the absence of features and possibilities but the absence of abusers.

If you want to avoid all this just start your browser in private mode and be done with it. What I hate more is the way legislators came up with the idea that forcing cookie-bars is a good idea. Before i could tell elderly people to just always close/ignore any pop-up, but now I basically have to tell them to just accept everything as its pretty hard to explain a 70+ year old what-is-what… So for most people we just made the web less secure and besides that this broken solution offers zero security by itself.

Our problem these days is the fact how we solve problems like these… Instead of blocking offenders ( the Googles and Facebooks of the world ) we make the method used the problem. Its like putting stickers on mini-skirts with a warning for perverts and once someone is abused/offended we all shout for banning mini-skirts…

why not ? if we get “full-frontal-nudity” it’ll be worth it

The solution is simple. If the reply is “NO” to download the cookie, the website can keep the cookie in RAM.

HTTP is a stateless protocol so keeping anything on the server side without the ability to identify subsequent requests is pretty useless. Hence cookies as they are send per request as a header.

There is no downloading of a cookie… the server sends cookie key/value pairs as response headers and the client parses those ( and based on its settings they are stored or removed ). On the next request those stored values are send in a request header

I want the ability to say NO to the question ‘Will you accept cookies?’ and still be able to use the web site. The web site has the option to keep the cookie in RAM. Why STOP me from access to the site just because I wont download the cookie to my hard drive. If it means I need to relog in next time I access the site , well that is exactly how I expect the site to work.

This still needs a cookie else you would have to login on every request which makes browsing not much fun.

As stated before we should not blame something that isn’t bad by itself. Its just a header… Blame abusers that put up ads everywhere you look and set cookies on that domain so that they can track your every move.

One can not stop the drive by installing of Malware, unless we stop the browser means to installing cookies. Or even if it is installed on the server, it has the same potential to become Malware. Like stealing bank account numbers, Passwords.

Sorry I dont understand what you are trying to say. You are afraid cookies might contain malware? if so then i would be more worried about everything else that is being downloaded (e.g. media) and the client that is handling all that

No offense but this topic seems to attract people who are not that well informed about how cookies work. This is not fatal per se; unfortunately many of these people spread mistrust to cookies because they think they are responsible for all evil things in the world of data. Other people tend to believe that and tell other people and so on. Just deactivate cookies in your browser and see the reason web programmers are using them.

Perhaps, if those curious about this discussion, could install into their Firefox browser, the Add-ons, ‘Privacy Browser,’ and ‘No Script,’ but generally turn no script off. One could see the number of tracking cookies on many websites, and then turn on ‘No Script’ refresh the browser to see more. Another interesting thing to try is using the Brave Browser.

I do understand some thing of what epinez is saying, and I wonder if he is perhaps a network engineer that knows far more about such of this than I do.

Look at another example, in the last year of so, the US government, (in one of the things they did not done for political reasons, I hope) was trying the discourage the use of the 5G Network equipment of Huawei because it was known that the aggregate of equipment and software was configured to spy on what people did on the network.

We can create a browser to allow people to shop, and not leave the hooks for malware and other surreptitious spying to occur on our computers, and local networks. It should not be left to us buying specialized hardware, such as Librem, and installing specialized software to try to achieve Privacy in our own lives. Keep in mind, ISP’s can negate much of what we try to accomplish in using a Librem, with a good consideration for privacy. Yes our forum sponsers have offered the next step by integrating a VPN and other tools in Librem One.

We could create a web browser that refuses to do the things which I find wrong, but not if we leave the hooks in it for tracking cookies, and whatever next generation of spying tools that others create. Yes, we need to punish those who break the rules.

Once again, consider, if one was in Hong Kong right now, and trying to buy a ticket out, could one afford to have the authorities listening? Could one afford to distinguish ones browser as blocking ‘tracking cookies?’ Keep in mind, Human Rights people, are often not geeky tech types. Their mind works in a different way, and they have a different knowledge set of the world. I value their priorities, and their well being.

I hypothesize that authoritarian governments, and there are a lot of them, will use the tools of surveillance capitalism as part of tools of repression.

First rule of driving a highway, it should be safe. The information superhighway should be safe as well.