this post was submitted on 19 Feb 2024
1236 points (94.1% liked)
Technology
60287 readers
4462 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Cookies serve important purposes for doing things like keeping you signed in as you navigate through multiple pages on a site.
The issue is that most parts of the internet were developed by people more interested in all the cool stuff you could do with it, and not at all concerned about the potential misuse by large multi billion dollar corporations.
You defend cookies in general. But the person youre replying to might have meant third-party cookies by "invasive cookies" ?
I'd suggest a password manager. Its not the prettiest solution but its worth it.
Cookies are a part of the http protocol and the server side design of the websites themselves. You can’t just replace them with a password manager on your individual client.
no a password manager can't replace cookies, Like a JPEG can't replace a 2 hour long film.
I have however forgone cookies for the most part. Great for privacy.
I'd recommend keepassxc, bookmarking and some addons like ublock, no script, libredirect. Most sites still work and the few that don't aren't worth my time
Cookies are literally how a website keeps track of you having logged with a username and password into that site on your browser, for all other pages after you leave the log-in page.
The reason for this is because the Web protocols were designed for the web server to get a request from a browser, send the page to the browser and after that close the connection (though since HTTP version 1.1 connections might stay up for things like sending the pictures linked to a page, a mechanism known as Keep-Alive).
For performance by default the web server doesn't really care which browser has asked it for a given page or what it has asked for before unless some kind of tracking is added to the pages your receive so that in subsequent requests you're identified.
So the only way for a website to keep track of a specific browser so that it can do different things for that browser (i.e. know a user has logged-in via that browser so send to that browser pages that user has access to rather than sending "You are not logged-in" errors) is by sending some kind of token to the browser which the browser will then present along with each subesequent request to that site.
Cookies are by far the easiest way to do this.
The problem with cookies is that their ability to track a browser has be abused for things far beyond their original purpose (mainly things like track the browser were a user logged-in, to know to which browsers it can send certain protected pages and information).
There are some sites that can track a user in that site after log-in with a different method (basically all the links you get in pages on that website have a tiny bit of extra information that identifies each request as coming from a specific browser, but for example if you come into the website again from a bookmark all that is lost), but those are pretty rare nowadays because it can be quite complex to get it work whilst cookies are pretty straightforward to get to work reliably.
I recommend setting up logging in yourself so you can see why you're wrong.
What part am I wrong about?