decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.


You won't find me on Facebook


Donate

Donate Paypal


No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
most web dev tools and tool bars... | 206 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
most web dev tools and tool bars...
Authored by: Anonymous on Wednesday, May 08 2013 @ 11:13 PM EDT
have cookie clearing functions.

sum.zero

[ Reply to This | Parent | # ]

Session cookies
Authored by: ailuromancy on Thursday, May 09 2013 @ 12:06 AM EDT

The handy piece of jargon is 'session cookie', which is a cookie that is deleted when the browser terminates. Lots of browsers have a 'treat all cookies as session cookies' option. Midori has a delete cookies after one hour/day/week/month/year button. This is the first time I have heard of the button being on by default.

If you want some real insanity, EU law requires web sites to show a cookie opt in/out message to new users until they make a decision. So, what if I say no to cookies - how is that information recorded so I do not have to have the cookie question continually wasting space on my browser? My preference is stored in a cookie!

[ Reply to This | Parent | # ]

  • Session cookies - Authored by: Anonymous on Thursday, May 09 2013 @ 07:06 AM EDT
    • Session cookies - Authored by: Anonymous on Thursday, May 09 2013 @ 03:32 PM EDT
Why is the flip side of that any different?
Authored by: Anonymous on Thursday, May 09 2013 @ 09:46 AM EDT

Why shouldn't the settings be off by default and you enable specific cookies for a particular site?

Under your own logic:

    It shouldn't be beyond the wit of man to enable a session cookie for a particular on-line ebusiness
Core security principles start with:
    Deny everything, enable what needs to be
Following that principle:
    you only install the ftp server on your computer if you need to ftp into your computer from external
Of course, MS for years preferred the opposite security principle:
    Allow everything, deny what needs to be
As a result:
    Install ftp server and telnet server (and a host of others) ensuring anonymous access without a password is allowed....
This is a core reason why Microsoft security still fails miserably today - Microsoft doesn't understand the core security principles.

Privacy - proper privacy - requires the same core principles. Without proper security you have no privacy. Without proper privacy, you've given up a good deal of security. So, the core principle on privacy:

    Deny everything by default, enable that which is needed.
I don't really care whether the trackers agree with me. It's not their privacy that they want to invade. It's mine. They don't get to demand what privacy I have to give up. I get to say what privacy I'm willing to relinquish. All they get to do is:
    Ask me what privacy I'm willing to relinquish and accept that which I allow them to have access to!
So yes, in a sense I agree with you:
    The user should have the intelligence to clean up their local files to sufficiently handle their privacy.
But, a the same time:
    The user should also have the intelligence to realize their privacy is theirs to protect and that includes deciding what privacy to grant in the first place! To understand why privacy/security should be enabled by default with the explicit decrease in privacy/security required after that.

RAS

[ Reply to This | Parent | # ]

The Man Who Turned Off Cookies
Authored by: Anonymous on Thursday, May 09 2013 @ 12:11 PM EDT
I do run a script that purges cookies at logout.

Firefox has had that as one of the standard cookie options for as long as I can remember. In Firefox 20:

  1. go to "preferences"
  2. then "privacy"
  3. and then set "history" to "use custom settings for history"
  4. When you do this, a new set of cookie options will appear.
  5. Then make sure that "accept cookies from sites" is set on. This will enable still more options.
  6. Set "keep until" to "I close Firefox".

You can turn third party cookies off while still keeping second party (the site you are actually visiting) cookies. You can also individually white list which sites are allowed to set cookies. All of these are standard options and have been in Firefox for some time now.

I normally just turn cookies off and just turn them on when I need to log into a specific site. When I log out of that site, I clear all cookies (there is another standard button for this - you can also clear individual cookies if you want). Firefox has for as long as I can recall been very easy to use when it comes to managing cookies (certainly easier than any other browser that I've tried).

P.S. I find that when I turn off cookies web sites seem to load much faster. I assume that what is happening is that when all the cookie requests get refused, my computer doesn't waste time uploading and downloading dozens of cookies. I just did a test and visited a web site that I often use with cookies turned on. A single page load from that site caused 36 third party cookies to be set. That's 3 dozen cookie requests for just one page. That's not a trivial amount of communications taking place.

[ Reply to This | Parent | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )