Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Firefox Will Soon Block Third-Party Cookies

timothy posted about a year and a half ago | from the accept-only-genuine-chocolate-chip dept.

Firefox 369

An anonymous reader writes "Stanford researcher Jonathan Mayer has contributed a Firefox patch that will block third-party cookies by default. It's now on track to land in version 22. Kudos to Mozilla for protecting their users and being so open to community submissions. The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'"

cancel ×

369 comments

Sorry! There are no comments related to the filter you selected.

Online Advertising Response (5, Insightful)

FSWKU (551325) | about a year and a half ago | (#42991465)

The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'

Translation: Boo-fucking-hoo. Online marketing scum have been abusing users for years, making this a retaliatory measure. Let them cry all they want, because nobody gives a shit.

Re:Online Advertising Response (5, Interesting)

CheshireDragon (1183095) | about a year and a half ago | (#42991495)

I have always turned of the third party cookies, but good move for making it a default.
And to hell with marketers, they can cry all they want. They have already stripped most television show of a title sequence and forced shows to start rolling credits while still running. Ihave always wondered why I pay for a ton of cable channels when all I am really doing it watching commercials. Good thought to the creator of the DVR.

Re:Online Advertising Response (1)

Jane Q. Public (1010737) | about a year and a half ago | (#42991575)

"I have always turned of the third party cookies, but good move for making it a default. And to hell with marketers, they can cry all they want."

Agreed. Pretty much by definition, third-party cookies are "stealth" information gathering. They have no right to be tracking me. I keep them turned off, too.

But I do not see why this is news-worthy. It's just a checkbox. The so-called "patch" is probably one line of code, and an exceedingly short one at that.

Re:Online Advertising Response (4, Insightful)

bipbop (1144919) | about a year and a half ago | (#42991597)

I think whether or not it's newsworthy is decided by its effects, not how much effort it takes to implement.

Re:Online Advertising Response (5, Interesting)

fluffy99 (870997) | about a year and a half ago | (#42991699)

It's interesting that no-one has ever tried to retaliate against them using the COPPA law, which makes it illegal to track and retain information on underage kids.

Re:Online Advertising Response (5, Funny)

Cryacin (657549) | about a year and a half ago | (#42991863)

Wait a second. "Think of the children" used to PROMOTE privacy? That's not how it's supposed to work! My head hurts, I have to go and lie down for a while...

Not that simple (Re:Online Advertising Response) (5, Informative)

Giorgio Maone (913745) | about a year and a half ago | (#42991759)

The patch is not exactly a one-liner [mozilla.org] , because the implemented behavior is not as straight-forward as just "block 3rd party cookies".

It's "block cross-site cookies from origins which I've not visited yet as a 1st party websites and have already 1st party cookies from".

This means, for instance, that Facebook, Google and Twitter gets likely a free-pass to track almost anybody.

And that once you (accidentally or not) click any ad box, you give a free-pass to its advertising agency too.

Re:Not that simple (Re:Online Advertising Response (2, Insightful)

Anonymous Coward | about a year and a half ago | (#42991843)

Above post should be moderated to +10.

Sounds like the big guys are looking to squeeze out any smaller competition. Not a surprise, since Mozilla is pretty much Google's bitch.

Re:Not that simple (Re:Online Advertising Response (1)

Anonymous Coward | about a year and a half ago | (#42992043)

Will we still have the option to completely block third-party cookies then?

Re:Online Advertising Response (1)

Anonymous Coward | about a year and a half ago | (#42991975)

Where do you turn third party cookies off in FF linux?

Re:Online Advertising Response (0, Troll)

houghi (78078) | about a year and a half ago | (#42991671)

I thought the same about cable. However I just canceled mine.
Good thing the creator of torrents.

Re:Online Advertising Response (1)

Cryacin (657549) | about a year and a half ago | (#42991869)

You sick of being called a thief every time you watch a movie after you've shelled out to buy the DVD as well?

Consequences (4, Funny)

Anonymous Coward | about a year and a half ago | (#42991881)

Sites will start blocking Firefox browsers. If enough popular sites do this, people will be switching to other browsers. Or people will start making Firefox masquerade as a different browser, which (if it becomes popular) will subsequently be made illegal. That is assuming that third-party cookie blocking won't just be made illegal.

It is appropriate to describe this as a first-strike, because there will be a retaliatory salvo, and much of our Internet freedom will get caught in the crossfire.

Re:Online Advertising Response (4, Insightful)

Mitreya (579078) | about a year and a half ago | (#42991883)

And to hell with marketers, they can cry all they want. They have already stripped most television show of a title sequence and forced shows to start rolling credits while still running.

If they only stopped at that!
Are you not getting the damn characters running across your show, in the middle of the show? It superimposes over the current show I am actually watching, just like a popup ad online

Also, a simple comparison of show length, demonstrates that in the 60s/70s shows ran for 26.5 minutes, while current sitcoms are around 22.5 minutes per half hour. And you get to see pop-ads in the middle of some of those three 7-minute long pieces.

Re:Online Advertising Response (1, Interesting)

Man On Pink Corner (1089867) | about a year and a half ago | (#42992029)

At first glance, the dancing cartoon characters and excessive commercial breaks seem like a supply-side problem. The fact that the show's producers and writers tolerate this sort of thing is a sign that you, as their audience, are very far from the top of their minds when they come to work each day. They clearly harbor the same disrespect for their own craft that they have for your time. Seems simple enough.

On the other hand, the fact that you, as their audience, keep watching their shows, is one that I don't have a ready explanation for.

My only guess is that some people just don't value their limited time here on Earth as much as they should. Either switch to Netflix, use torrents, or sell your TV on Craigslist for a bag of horse. Any of these things will be a better use of your time than watching network TV.

Re:Online Advertising Response (1, Insightful)

Anonymous Coward | about a year and a half ago | (#42991541)

The complaining will start as soon as all sites start to go pay-for-content.

Sorry Charlie, but advertising and monetization drives the "free content" you see on the web. Go ahead an bite the hand that feeds you.

No the complaining will start... (5, Interesting)

Anonymous Coward | about a year and a half ago | (#42991583)

When they just get websites using their advertising services to add subdomains covering their cookies.

At that point you WON'T be able to solve this without a huge mess of per-domain whitelists, eventually coalescing into the cookies for the advertisers being handled THROUGH the corporate websites.

I was arguing this a decade or decade and a half ago to anyone who would listen, but it was brushed off (And rightfully so given that it's taken this long for a browser to actually this by default.)

Re:No the complaining will start... (0)

Anonymous Coward | about a year and a half ago | (#42991961)

Can someone simplify this with an example? Thanks.

Re:Online Advertising Response (0)

Anonymous Coward | about a year and a half ago | (#42991605)

It would be a wonderful world if that happened. I've always been really sad that we didn't manage to have a micropayment system in place in 1995, so that we could pay for what we used instead of having advertising shoved down their throats. I would much rather be the customer than the product.

Micropayments (3, Interesting)

tlambert (566799) | about a year and a half ago | (#42991989)

It would be a wonderful world if that happened. I've always been really sad that we didn't manage to have a micropayment system in place in 1995, so that we could pay for what we used instead of having advertising shoved down their throats. I would much rather be the customer than the product.

That's a great idea. Then they could make a micropayment back to me for everything in the page they end up sending me that I don't actually read so they can offset the bandwidth cap that my ISP starts charging me extra for after it's been exceeded.

PS: Micropayments are an incredible bitch to implement, if you've ever tried it, since the transaction fees and data storage pile up. There's a reason the phone companies charge so much per text message, and a lot of it has to do with paying micropayments to themselves every time someone makes a micropayment on sending a text message. The transactional overhead is very high.

Re:Online Advertising Response (5, Insightful)

JaredOfEuropa (526365) | about a year and a half ago | (#42991635)

Killing 3rd party cookies doesn't mean the end of advertising, not even the end of targetted ads like Google adwords. Neither rely on 3rd party cookies. It will mean the end of tracking users across sites, collecting browsing history that they have no business collecting (and which most users are not even aware of).

Re:Online Advertising Response (5, Interesting)

Anonymous Coward | about a year and a half ago | (#42992017)

IMHO, the next step is to block referrer information to third party sites [mozilla.org] . E.g. if example.com loads a script from gstatic.com, then the HTTP_REFERER header is not sent to gstatic.com. There's almost zero collateral damage (one captcha service doesn't work), and companies like Facebook and Google no longer get to know every site that most internet users visit.

Re:Online Advertising Response (2)

lofoforabr (751004) | about a year and a half ago | (#42992051)

It also makes Facebook apps harder to code, because all of them are opened inside an iframe.
The app inside the iframe relies on setting cookies to keep the session alive, but this won't work anymore because of this policy.
Yes, there are a few workarounds for that, as in "redirect to app domain on _top, set a cookie, and then redirect back to facebook", but that's far from ideal.
I've had to do this because of Safari so that the app would work correctly.

Re:Online Advertising Response (0)

Anonymous Coward | about a year and a half ago | (#42991727)

I won't complain. I'm happy to have a free, ad-free internet right now. I'll be happy to have a for-pay, ad-free internet later.

Re:Online Advertising Response (0)

Anonymous Coward | about a year and a half ago | (#42991763)

The complaining will start as soon as all sites start to go pay-for-content.

Sorry Charlie, but advertising and monetization drives the "free content" you see on the web. Go ahead an bite the hand that feeds you.

Pay-for-content TV is still running commercials, paid magazines advertisement to content ratio got to a ridiculous point before they started closing down. Most content around is low quality. For sure not enough good to justify tracking me.

So, go pay-for-content and we'll see what happen. You may be someone providing good content, in which case you'll see people paying (a reasonable price) without complaining.

Or you may be someone providing average content in which case you'll still see no one complaining because most people will simply move on, some will still pay to see what happens, but since they will not be enough, you'll have to introduce advertisement again and they will finally leave you collapsing under your stupid and failed business.

I tell you something: either you have a good thing to offer me, in which case I'm willing to pay and you don't have to steal my privacy, or you don't, in which case it's a good thing that your business collapses. Pro-tip for youngsters and newbies: you don't have a right to success, build something cool or stop bitching. And get off my lawn.

Re:Online Advertising Response (2, Insightful)

Anonymous Coward | about a year and a half ago | (#42992005)

This has nothing to do with advertising. Blocking third-party cookies does not block ads; it blocks tracking. And you're assuming that everyone who has a website is in it only for the ad money.

Re:Online Advertising Response (3, Insightful)

Anonymous Coward | about a year and a half ago | (#42991553)

I think the advertisers have a legitimate point, and should retaliate. How about trying to pay web site owners to alter their sites so they refuse to load on FireFox? I bet that would be a hilarious and very short negotiation.

In all seriousness, advertisers are simply the worst form of corporatism: All they want is more of everything, regardless of what they already have. They don't like being blocked like this, let them invent their own Internet with its own bizarre, user-hostile set of rule. They could call it facebook, perhaps...

Re:Online Advertising Response (4, Insightful)

bhagwad (1426855) | about a year and a half ago | (#42991647)

I would much rather pay by seeing ads instead of paying actual cash. Websites are free to advertise to me as much as they want. If I don't like the ads, I stop using them. There's no need for browsers to protect me.

Re:Online Advertising Response (0)

Anonymous Coward | about a year and a half ago | (#42991811)

Only because you literally cannot imagine how little you would actually pay, to give them what they get from the ads you see.

Because even back in 2006, that price was about $60 for a thousand clicks on front-page banners of a 16-million-users site. Much less, for mere unique user views, and next to nothing for pure page views.

Also, I think a good service is worth good money. I have no trouble paying a bit to get something that is worth something. That's fair. And since, in return, I get paid directly for my own online services too, I will be able to afford it.

Finally, when the advertisers pay, sites cater to their needs, and we're just the product, but when we pay, they cater to our needs.
I can guarantee you, that them depending on you that way will improve your usage experience massively.

Re:Online Advertising Response (1)

bhagwad (1426855) | about a year and a half ago | (#42991943)

I have a phobia about spending money. So no matter how low it is, I don't like to pay anything...Also, since the site needs its visitors to keep coming back, they will definitely take care of the visitor's needs.

Re:Online Advertising Response (0)

Anonymous Coward | about a year and a half ago | (#42991833)

I completly agree, I stopped using ads a long time ago with the help of adblock, my life have been significantly better since.

Re:Online Advertising Response (4, Informative)

Anonymous Coward | about a year and a half ago | (#42991857)

blocking third party cookies doesn't, in any way, prevent a website from displaying ads on a website. This isn't an either/or situation. The third-party cookies are used to track users.

Re:Online Advertising Response (2, Insightful)

MrEricSir (398214) | about a year and a half ago | (#42991859)

If I don't like the ads, I stop using them. There's no need for browsers to protect me.

If you're okay with having your every move tracked across the web, by all means, use a different browser.

But do yourself a favor and stop pretending that this has anything to do with seeing ads on the internet.

Re:Online Advertising Response (2, Informative)

Anonymous Coward | about a year and a half ago | (#42991873)

Yes, because the Internet really sucked prior to commercialisation.

  Don't believe the guff, prior to a commercialised Internet, services still ran and ran well.

Re:Online Advertising Response (0)

Anonymous Coward | about a year and a half ago | (#42991761)

The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'

I would just have replied: Soo... you're saying that as if it was a bad thing. ^^

Good (-1, Redundant)

Anonymous Coward | about a year and a half ago | (#42991467)

Finally my grandma will reclaim some of her screen estate from all those bloatware toolbars!

Re: Good (-1)

Anonymous Coward | about a year and a half ago | (#42991493)

Just woke up and read "third party plugins". Mod me down to hell!

Re: Good (0)

Anonymous Coward | about a year and a half ago | (#42991525)

Sorry mate-no mod points for me today.

Why wait for v22? (5, Insightful)

Jimbookis (517778) | about a year and a half ago | (#42991471)

Stick it in v19.0.1. Bring it on!

Re:Why wait for v22? (0)

Anonymous Coward | about a year and a half ago | (#42991675)

There's already an "Accept third party cookies" checkbox in the Firefox options. The change is that it will be on by default.

Good move in my opinion. I've been blocking third-party cookies for many years and it has only caused problems with a three or four sites.

Re:Why wait for v22? (4, Informative)

kthreadd (1558445) | about a year and a half ago | (#42991685)

Because there is a staging process for adding features to Firefox, so that nothing breaks once something reaches the release builds.

First strike was in Netscape (4, Informative)

Sigma 7 (266129) | about a year and a half ago | (#42991473)

Since Netscape 4.7, there was an option to block third-party cookies (yet DoubleClick found a way around that). Changing a default option should have no impact on the advertisers - they can adapt or die.

Re:First strike was in Netscape (2, Interesting)

Anonymous Coward | about a year and a half ago | (#42991505)

Doubleclick is now known as Google adwords. So it should be interesting to see if this ever gets into Chrome...

Re:First strike was in Netscape (1)

Jane Q. Public (1010737) | about a year and a half ago | (#42991587)

"yet DoubleClick found a way around that"

Not really. IIRC, they were using a pixel tracker... a third-party graphic, not a third-party cookie. And I am pretty sure they were far from the first to do that. Just the first to use it the way they did.

Re:First strike was in Netscape (1)

Dracos (107777) | about a year and a half ago | (#42991625)

Now we need an option to disable cookies on cross-domain image/* requests.

Re:First strike was in Netscape (0)

Anonymous Coward | about a year and a half ago | (#42991695)

that would break allmost every major website out there, including this one:

http://a.fsdn.com/sd/topics/firefox_64.png

Re:First strike was in Netscape (1)

Anonymous Coward | about a year and a half ago | (#42991847)

What kind of stupid argument is that? You say it as if it was a bad thing.

If every major website it evil, then breaking every major website is a good thing.

And despite Ghostery and AdBlock already doing that, nothing of value is broken and my Internet experience is a lot better.

"nuclear first strike" (2, Funny)

Anonymous Coward | about a year and a half ago | (#42991475)

[grumpy cat] Good.

Need more nukes (5, Funny)

femtobyte (710429) | about a year and a half ago | (#42991481)

If the advertising industry is still capable of responding, we obviously haven't nuked them enough yet.

Re:Need more nukes (2)

greg1104 (461138) | about a year and a half ago | (#42991937)

The problem is that advertisers are like cockroaches; you can't kill them with nukes. When all of civilization has been reduced to a post-apocalyptic wasteland, and mutant zombies roam the land, there will still be someone trying to sell you that one weird trick for losing belly fat.

Screw you, Mozilla. (-1)

Anonymous Coward | about a year and a half ago | (#42991483)

Ask or Allow should always be the default, never Block.

You'll still never get those people back.
You will win barely a hundredth of a percent of those people back who actually give a damn. Maybe.
The rest are already using other browsers or yours already.

This is just stupid on every level. It isn't even about privacy, it is about attention.

Re:Screw you, Mozilla. (2)

epyT-R (613989) | about a year and a half ago | (#42991557)

cry more. If you want money, go get a real job.

A nuclear first strike... (5, Insightful)

John Hasler (414242) | about a year and a half ago | (#42991489)

...would be incorporating AdBlockPlus and NoScript and enabling both by default.

Do it.

Re:A nuclear first strike... (1)

Anonymous Coward | about a year and a half ago | (#42991537)

Keep in mind that the only reason Adblock and Noscript are still around is because so few people use them. If every Firefox user used them, a couple of politicians would get new yachts and vacation homes. If they posed a significant threat to the ad industry, they'd be gone. Big Money does not have to adapt. You do.

Re:A nuclear first strike... (1)

Anonymous Coward | about a year and a half ago | (#42991701)

More likely ad supported sites would start testing for and blocking users of those addons, which is what seems likely to happen here.

Re:A nuclear first strike... (1)

Anonymous Coward | about a year and a half ago | (#42991741)

That already happens in many cases actually, and it is equally easy to bypass.

Re:A nuclear first strike... (0)

Anonymous Coward | about a year and a half ago | (#42991809)

And thus creates an arms race between web site developers and privacy plugins

The more they try to detect, the more the plugins will adapt stealth techniques.

Re:A nuclear first strike... (0)

Anonymous Coward | about a year and a half ago | (#42991835)

..and nothing of value was lost.

Re:A nuclear first strike... (0)

Anonymous Coward | about a year and a half ago | (#42991907)

This forces the website to pop up a message that says "please whitelist our website so that we can track you" - ie it forces the website to inform the user of what they want to do. At this point the user can make an informed choice.

If the page chooses to simply block the user outright then the user will just think the page is broken which reflects badly on the page more than anything.

So basically if this happens, then good.

Re:A nuclear first strike... (2)

John Hasler (414242) | about a year and a half ago | (#42991749)

If every Firefox user used them, a couple of politicians would get new yachts and vacation homes. If they posed a significant threat to the ad industry, they'd be gone.

Bullshit. Remember SOPA? The Do Not Call List?

> Big Money does not have to adapt. You do.

Bullshit. Votes are more important than campaign funds.

Re:A nuclear first strike... (0)

Anonymous Coward | about a year and a half ago | (#42991919)

Yeah, how exactly would that work in practice? I mean in reality, where laws are only paper, and cops cannot yet install TCPA chips in your computer and brain.

Build Gnutella/TOR into Firefox, make it download the next update, including Adblock and Ghostery, automatically, and send big stinkin' middle-finger e-mails to those lobbyists (You don’t really still think politicians are more than mere puppets in this game, are you?) every time that happens.
Just like e.g. WinMX did it. No website needed. It's self-sustaining. (The first version would be downloaded via another file sharing client, just like you use wget or IE to download Firefox right now, or get it on the LiveUSB of your OS.)

You're vastly overestimating the power of those treasonous criminals (= lobbyists). If they had that kind of power, The Pirate Bay would long be gone, and so would all Gnutella clients and any non-locked-down OS or TCPA-chip-free device.

Re:A nuclear first strike... (1)

Pentium100 (1240090) | about a year and a half ago | (#42991767)

Noscript is good, but too inconvenient for regular users. Ghostery is much better (for anti tracking use), since it already has a blacklist of the trackers and does not really affect the browsing.

Adblock, Flashblock, Ghostery - must have, Noscript - highly recommended.

RequestPolicy (0)

Anonymous Coward | about a year and a half ago | (#42991929)

RequestPolicy is worthwhile too, helps manage 3rd party content.

Re:A nuclear first strike... (5, Informative)

Mitreya (579078) | about a year and a half ago | (#42991981)

incorporating AdBlockPlus and NoScript and enabling both by default.

Quite a few websites (whether intentionally or not) make it difficult to figure out which domain needs to run javascript for them to function. It is often _not_ the current domain. So users will end up choosing "Enable all scripts (dangerous)" option with NoScript sooner or later.

Also, when the webpage redirects you to a processor for finalizing a payment, a lot of work can be lost. Cannot go back without losing entered data and cannot complete the payment because reload will screw things up. NoScript should really ask you "Click redirects to a different domain -- enable scripts there?"

Compare the european cookie law (1)

Anonymous Coward | about a year and a half ago | (#42991499)

Actually quite amazing that this policy wasn't the default in the first place, but anyway.

This is more or less what that law was intended to achieve. Instead, it blew up in the users' faces by requiring them to click "yes" lest they be redirected someplace else, thereby giving permission to store any and all cookies regardless of origin. Much simpler this way.

If you don't, you should (4, Informative)

bradley13 (1118935) | about a year and a half ago | (#42991501)

Block 3rd party cookies, and that is. This is my default setting, and it rarely has any impact on the actual content of a website.

Re:If you don't, you should (0)

Anonymous Coward | about a year and a half ago | (#42991711)

I know of one major retailer whose website doesn't work when I use Ghostery. It says the website won't work with "cookie" disabled. Of course, it has already set the first-party cookie. So, of course, I never buy anything from them online.

Re:If you don't, you should (1)

Zontar The Mindless (9002) | about a year and a half ago | (#42991725)

Been using it so long myself that I'd forgot it wasn't *the* default.

One click on a check box and mine does it too. (0)

Anonymous Coward | about a year and a half ago | (#42991509)

It should be default.

Feature Request: remove all cookies EXCEPT (0)

Anonymous Coward | about a year and a half ago | (#42991515)

I regularly clean out my cookies with "delete all", but I'd prefer to keep the ones for sites that require a login. But it's too hard to delete cookies individually.

Re:Feature Request: remove all cookies EXCEPT (0)

Anonymous Coward | about a year and a half ago | (#42991659)

ccleaner. just tell it to intelligently keep cookies. Logon cookies stay, the rest go away.

Re:Feature Request: remove all cookies EXCEPT (5, Informative)

rihkama (732472) | about a year and a half ago | (#42991665)

I regularly clean out my cookies with "delete all", but I'd prefer to keep the ones for sites that require a login. But it's too hard to delete cookies individually.

You can achieve that in Firefox without any extra extensions: Under Privacy: 1. Use Custom settings for history - Accept cookies from sites - Keep until: I close Firefox 2. Under Exceptions: - Add sites you want to allow permanent cookies sites using "Allow" button Done. Sites you allow can store cookies until they expire while other cookies are cleared every time you close the browser.

just block all cookies (5, Informative)

manicpop (1342057) | about a year and a half ago | (#42991545)

The great thing about Firefox is you can block all cookies by default, and whitelist only specific domains. Just block everything except ones you know you need (like maybe your banking site). Use "allow for session" for sites that need cookies for some reason but you don't need to save permanent data. There's also a great extension called "Cookie Monster" that will let you set all those options on a per-domain basis from the status bar.

Safari (2, Insightful)

Anonymous Coward | about a year and a half ago | (#42991563)

Doesn't Safari already do this by default?

Re:Safari (1)

Anonymous Coward | about a year and a half ago | (#42991633)

Which then Google went about circumventing to please its customers.

Re:Safari (0)

Anonymous Coward | about a year and a half ago | (#42992007)

Which then Google went about circumventing to please its customers.

And there we have yet another demonstration of how evil Apple really is (and if you didn't detect the sarcasm dripping off that comment you need help).

Re:Safari (4, Informative)

Forever Wondering (2506940) | about a year and a half ago | (#42991641)

Doesn't Safari already do this by default?

In the first bugzilla entry for the patch, it details what Safari does and proposes to mimic it.

already blocking them (1)

mnt (1796310) | about a year and a half ago | (#42991615)

but totally forgot when i enabled that setting on chrome. maybe a year ago?

Nuclear Response (4, Informative)

Bob9113 (14996) | about a year and a half ago | (#42991639)

The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'

This is a completely justified nuclear response. The nuclear first strike was when the advertising industry started stalking people everywhere they go without informed consent or even an easy way for average people to opt out, and with no way to purge your history. If you had only used cookies in the public interest, the browser that cares about its users would not have to respond to your hostile behavior.

Is information provided or extracted? Am I naked? (1)

See Attached (1269764) | about a year and a half ago | (#42991679)

We have grown to expect free stuff like alternate browsers, and Acrobat and Flash and Java (etc). We all are part of the new diorama of the Interweb, which is increasingly mined to extract information for commercial purposes. Its business. We'll have to get used to it. The consideration paid to the folks that build and maintain that diorama-space (TM) is the sale of the information that you push into it. The growing fear for me is how often its -extracted- vs -provided-. I am aware of everything that I type in, but have NO idea why facebook needs read/write access to my camera, address book or phone number list, or my surfing history or the .... (Whatever ...)... As the a prior /. poster put it.... I can imagine the wringing pedipalps that must accompany any new data mining vector of personal and private data from anyone that has a cell phone, or smart phone or laptop or tablet (ie: all of us!! ) That said, who will negotiate for fair data-access on the side of the user? On the way home from dinner, (wife was driving!), I checked on NJ Devils hockey ticket offer that came via email. Once home, I opened a browser and all of a sudden, there were NJ Devils images all over the periphery of my experience. I felt sorta violated. On the other hand, I would rather see those I guess than meal deals from Moscow, or Brisbane or Kolkata. I guess another way we could address this is by making that data we maintain fairly unrepresentative. Imagine a script that visits 20 websites in a row, Opens a connection, pauses, closes opens another and output > /dev/null. Is that how we mask our nakedness?

Tomayto, tomahto... (1)

Guppy06 (410832) | about a year and a half ago | (#42991683)

The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'

I guess one person's "nuclear first strike" is another's "measured response."

I've been doing this in Chrome for a while. (2)

The MAZZTer (911996) | about a year and a half ago | (#42991691)

Most sites will work fine, but you'll have to add an exception for disqus.com if you want to post comments on sites that use disqus. Latest version of it should detect and warn you to enable coolies though.

Re:I've been doing this in Chrome for a while. (0)

Anonymous Coward | about a year and a half ago | (#42991779)

if you want to post comments on sites that use disqus

Why would you want to have anything to do with that abomination?

Re:I've been doing this in Chrome for a while. (2)

PPH (736903) | about a year and a half ago | (#42991867)

warn you to enable coolies though.

Just as I suspected. The Chinese are behind this.

1st-party cookies are a good thing for companies (2)

davidwr (791652) | about a year and a half ago | (#42991705)

I would go even further than Mozilla plans to go (and Safari goes already):

By default, I would require all cookies to be either 1st party or "blessed" by either the user or the 1st party.

In other words, if Slashdot had a Facebook widget, either the end user would have to whitelist Facebook to allow it to deposit cookies from anywhere, or Slashdot would have to explicitly "bless" the specific widget or the web browser would not let the embedded Facebook widget read or write cookies without prompting the user first.

By default, I would have the web browser remind the user periodically that he had non-recently-used cookies and offer to clear them out.

Of course I would give the user options that included more or less privacy than the default.

Re:1st-party cookies are a good thing for companie (0)

Anonymous Coward | about a year and a half ago | (#42991815)

I would go even further than Mozilla plans to go (and Safari goes already):

By default, I would require all cookies to be either 1st party or "blessed" by either the user or the 1st party.

How is that going further? Your version make it more likely for cookies to be allowed, not less.

In other words, if Slashdot had a Facebook widget, either the end user would have to whitelist Facebook to allow it to deposit cookies from anywhere, or Slashdot would have to explicitly "bless" the specific widget or the web browser would not let the embedded Facebook widget read or write cookies without prompting the user first.

Why would Slashdot include a Facebook widget and then not allow it to be fully "functional"?

funding from google (0)

Anonymous Coward | about a year and a half ago | (#42991753)

there goes the funding from google.

Cute, but ineffective (2)

schmidt349 (690948) | about a year and a half ago | (#42991765)

The "first-party context" loophole is the deathknell of this thing, just as Safari's own mechanism doesn't actually protect anybody's privacy.

If you don't like tracking cookies, that's fine, but there is an infinite variety of workarounds for this so-called solution. One can easily use a URL proxy, for instance -- you click a link marked "Next Page" that actually goes to "entirelylegitimatewebsite.com/track_me_please," which sets a cookie and immediately redirects you to "mysite.com/nextpage." Hey presto, first-party context cookie set!

On the other hand, there's browser local storage, beacon URLs via AJAX... the list goes on and on. Hell, even if most web browsers _do_ start blocking all third-party cookies under all circumstances, the data kingpins will start offering handy little Rack and Tomcat plugins that use first-party cookies to track user behavior across the Web.

If you're a Web user who's paranoid about information leaks, you should already be using Tor and some privacy-centric web browser. But given the degree of personalization inherent in most of the 21st century Web, I have a hard time understanding why a paranoiac would use the Web at all.

Rack and Tomcat plugins (1)

davidwr (791652) | about a year and a half ago | (#42991827)

Actually, I would prefer this. It lets me hold the first party - the one I'm really interacting with - responsible for not abusing the data and taking the heat from privacy groups if the data is misused.

Re:Cute, but ineffective (0)

Anonymous Coward | about a year and a half ago | (#42991985)

If you're a Web user who's paranoid about information leaks, you should not use the web.

Fixed that for you.

If you don't want people to do things with your data, the only real solution is not to give it to them.

That implies obliteration of the ad industry. (1)

John Hasler (414242) | about a year and a half ago | (#42991793)

Don't we wish.

Re:That implies obliteration of the ad industry. (1)

jhaygood86 (912371) | about a year and a half ago | (#42991913)

Not me. I work in the ad technology industry. I actually like my job. It's not like you'll be hurting the ad technology industry much, but it will mean your favorite websites (including Slashdot!) will have less income due to lower average value of impressions (a generic non-targeted impression is worth a lot less to an advertiser than a targeted impression). The ad tech companies themselves charge the same to their clients (the ad agencies for buy-side and the online publishers for the sell side) regardless of if the impression is targeted.

Re:That implies obliteration of the ad industry. (0)

Skapare (16644) | about a year and a half ago | (#42991927)

No. Advertising is needed to help pay for stuff like servers in the cloud, etc. You think everything is to be free? You think everyone has deep pockets?

What we do NOT need is "advertisers" that have tilted the playing field with abusive practices like privacy invasions.

Well, it's a blustery day (0)

Anonymous Coward | about a year and a half ago | (#42991807)

Why must we always ask the predictably outraged organizations what they think? 1) We already know, and 2) WGAS. It's like asking the NRA what they think about a ban on Teflon bullets.

Built-in adblock enabled by default in Firefox 22 (0)

Anonymous Coward | about a year and a half ago | (#42991821)

From
http://ploum.net/post/ghost-web
Firefox 22 is released, just in time to become the default browser in Ubuntu 13.10.
The release contains many performance improvements and one big, major feature :a built-in version of adblock enabled by default.

Oblig (0)

Anonymous Coward | about a year and a half ago | (#42991849)

It was the only way to be sure.

Insanity laden cookies (5, Informative)

WaffleMonster (969671) | about a year and a half ago | (#42991905)

If you have some spare time restart your browser, fire up wireshark and filter for DNS queries then go to just the home page of any of a bazillion web sites... It is insane... one single page load of something like cnn,fox,nbc,forbes translates into 20-30 of dns queries for all manner of advertising and market intelligence companies.. Everyone knows this stuff exists but I was genuinly shocked by the volume and number of sites involved.

If it isn't cookies it will be fingerprinting, flash cookies, DNS cache probing + IP but we can work to mitigate these things as well.

Kudos to Mozilla for protecting their users (1)

Skapare (16644) | about a year and a half ago | (#42991909)

Not kudos to Mozilla for taking so many years to do what is obviously needed. This and many other things should not have needed a community submission. The core programmers should already know how to do these things and know that they are essential for safe browsing experience.

wah wah wah (0)

Anonymous Coward | about a year and a half ago | (#42991997)

Wah Wah Wah....

1 single setup to kill all advertising.

Dansguardian on Whitelist Mode (i.e I tell it what sites I want to visit... I have a list of around 700 servers in my white list)
not one bit of advertising comes through.
the occasional web site hosts advertising on their server, so ad-block in the browser takes care of that....

if for some reason I need to connect to the web directly, all I need to do is simply change the proxy port....

unfortunately (1)

crutchy (1949900) | about a year and a half ago | (#42992009)

advertisers will just find other ways and means... there is too much at stake for them to just roll over. there are probably a lot of programmers working in the advertising industry that would be combing the firefox source code for other doors to help their clients gate crash the user experience.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>