this post was submitted on 30 Jul 2023
193 points (100.0% liked)

Technology

37362 readers
196 users here now

Rumors, happenings, and innovations in the technology sphere. If it's technological news or discussion of technology, it probably belongs here.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
193
Instead of obtaining a warrant, the NSA would like to keep buying your data (arstechnica.com)
submitted 11 months ago by [email protected] to c/[email protected]
27 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 11 months ago (2 children)

Cookies are an important part of the internet. The misconception that cookies were added to browsers to track people is why websites that operate in Europe are always bothering you about necessary cookies. You're talking about third-party cookies and analytics tools, which don't even need cookies at all to track exactly what you're doing on a single site. Without cookies (or cookies reimplemented using client-side storage APIs instead of regular cookies), websites cannot keep you logged in or remember what you have in your shopping cart or any sort of preferences you have set.

At least in the US, don't assume that local stores aren't collecting the same information using cameras and credit card numbers and device trackers (eg if the store has free wifi, which sections of the store are wifi client devices in?).

[–] [email protected] 2 points 11 months ago

You don't need to get consent for necessary cookies.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

Cookies are not needed. They are shifting the security onto the user. Secure the information on the server just like any other business. Offloading onto the client is wrong. It leads to ambiguity and abuses. Visiting a store and a business on the internet are no different. My presence gives no right to my person, searches, or tracking in the location or outside of it. Intentions are worthless. The only thing that matters is what is possible and practiced. Every loophole is exploited and should be mitigated. The data storage and coding practices must change.

[–] [email protected] 1 points 11 months ago (1 children)

The security is still implemented on the server. When you log in, most sites issue a cookie or otherwise store in the browser an authentication token. Subsequent requests provide that token so the server knows it's still you. If the cookie is not persisted across tabs or browser sessions, every time you visit the site you must log in again (there are ways to make browsers do this if you really want to). If you didn't allow even temporary client-side storage while on the page, most of the internet just wouldn't work.

[–] [email protected] 1 points 11 months ago

This is how I use the internet.