Re: Cookies - Raising Awareness

I guess my worry is that I can't think of anyone who knows how to answer

Do you want to accept cookie "fzwq1FwnrN2vxoi...HcLUz6vO0f2mRQ" from

and that the browser can't tell me either what is encoded directly in the cookie, or what it 'points at' in a database at google.  Without knowing these two, I have no idea what the consequences of acceptance are, and I certainly don't know what services will fail if I say "no".

On Jul 24, 2010, at 10:21 , Jochen Eisinger wrote:

> On Sat, Jul 24, 2010 at 10:13 AM, David Singer <> wrote:
>> !
>> If I am asked 'do you want to accept this cookie?' I would immediately ask back 'what is it tracking?'.  I have no idea what the right answer is....
>> Turning off cookies is somewhat going completely incognito/untrackable;  kind of like wearing a stocking over your head, generic black pants and jacket, dark glasses, and doing all your transactions  using 'ransom notes' and unmarked, used, $10 bills.  it's a bit extreme.
> I'd argue that it mainly breaks logins for you.
> Tracking can be done without HTTP cookies, e.g. using flash cookies,
> local storage, finger printing etc..
> We're however currently experimenting with replacing the cookie prompt
> with a more usable blocking mode. You can test it on Chrome's current
> dev channel. When you block cookies, we'll collect both blocked and
> accepted cookies (and other site data such as local storage). Click on
> the blocked cookie symbol and select "show cookies etc..". This will
> pop up a dialog that displays all cookies for the current web page,
> and lets you create exceptions for accepting/blocking cookies from
> certain domains. It's not yet perfect, esp. the creation of exception
> doesn't give you any feedback, but what do you think about the general
> approach?
> -jochen

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Monday, 26 July 2010 07:04:48 UTC