Enthalpy Posted June 28, 2018 Posted June 28, 2018 Hello Internet users! (Should be 100% of the members here) You noticed that all sites, including the very best forums, put for a couple of months a warning that they use cookies - at least for users in the EU. It's not that you were supposed to ignore it. Nor that cookies are deleterious. It's just because the EU has decided that you should not ignore this horrible threat to your private life. Worse: if your reasonable security settings let the browsers erase all cookies at closing, then you get the warning about cookies each and every time. A bit like if the law wanted you not to erase the cookies. The politicians make laws to force companies spy individuals out, for instance reveal all passwords to governmental agencies hence know and store the passwords, which enabled hackers to steal them all at Yahoo. Or to put backdoors in communications, operating systems and so on, making the countries perfectly vulnerable to the alleged enemies. We may wonder if the politicians really should warn us about the companies, or rather the other way. Anyway, I'd to share with you the notice that made my use of Internet a little bit easier: Someone has written for Firefox and others anextension to block the popup warning about cookies It's available there:https://addons.mozilla.org/en-GB/firefox/addon/i-dont-care-about-cookies/ so nice! Enjoy! 1
Strange Posted June 28, 2018 Posted June 28, 2018 17 minutes ago, Enthalpy said: this horrible threat to your private life. Really? I mean, really!? 19 minutes ago, Enthalpy said: The politicians make laws to force companies spy individuals out, for instance reveal all passwords to governmental agencies Good grief.
StringJunky Posted June 28, 2018 Posted June 28, 2018 It's a stupid regulation, forcing websites to tell you they are going to plant a cookie. Cookies are normal. 1
Endy0816 Posted June 28, 2018 Posted June 28, 2018 Seeing it all over outside the EU too :| Remonds me of the California Carcinogen warning(for better or worse). Effects every single state though only required by one.
Sensei Posted June 28, 2018 Posted June 28, 2018 (edited) 3 hours ago, Strange said: 3 hours ago, Enthalpy said: this horrible threat to your private life. Really? I mean, really!? He was mocking.. 3 hours ago, Enthalpy said: You noticed that all sites, including the very best forums, put for a couple of months a warning that they use cookies - at least for users in the EU. Politicians know very little about computers, and even less about how to program computers and how to make websites.. Any serious webmaster/computer programmer should know that there are practically the only three ways to store session id (but some custom non-standard ways could be developed in e.g. JavaScript/AJAX). Cookies (readable by $_COOKIE[] array in PHP), query string (URI) (readable by $_GET[] array in PHP), and third one which should not be even mentioned as the last reliable.. Cookies is THE BEST out of these three methods! Practically any website which is allowing user to log in to their account must use cookies (as the most reliable way to store session id of currently logged user). In old times, '80 years, lame webmasters were using 2nd method (session id inside of query string). But if such website has links to 3rd party websites, session id will be put to inside of Referer parameter in HTTP-Request (and linked website programmer will be able to read it using e.g. $_SERVER[ 'HTTP_REFERER' ] in PHP: <?php if( isset( $_GET[ 'Index' ] ) ) $index = $_GET[ 'Index' ]; else $index = 0; $index++; if( isset( $_SERVER[ 'HTTP_REFERER' ] ) ) printf( "Referer: " . $_SERVER[ 'HTTP_REFERER' ] . "<br />\r\n" ); printf( "<a href=\"test.php?Index=$index\">Click here (again!)</a><br />\r\n" ); ?> I showed it on the above little program that you can run on your Apache server or other WWW server. After clicking link you will see that second linked website is receiving "index"... If webmaster is using session-id in similar way in query string, it's passed to any linked 3rd party website (and nobody knows what happen with it later), and somebody can in the real-time pretend he/she is logged user instead of the real user, from 3rd party machine.. In the case of cookies this problem does not exist. There are other problems (e.g. availability of cookies inside of sub-domains of the main domain, if they're incorrectly set up). 3 hours ago, StringJunky said: It's a stupid regulation, forcing websites to tell you they are going to plant a cookie. Cookies are normal. Cookies are essential for properly store session id of the currently logged user (e.g. user of this forum). Such regulation asking for whether user allows using cookies, is kinda like question, whether they want to breath at all.. Can you live without breathing? No. Can you log in to your user account when website is using cookies to store session id? No.. 3 hours ago, Enthalpy said: Worse: if your reasonable security settings let the browsers erase all cookies at closing, then you get the warning about cookies each and every time. A bit like if the law wanted you not to erase the cookies. That's because information that you allowed website to use cookies, is stored in cookies (i.e. local data on computer, that's the only data send to website while visiting it). Edited June 28, 2018 by Sensei
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now