12 July 2012

206. Chrome, cookies and incessant spying

With age and added responsibilities I'm becoming grumpier and grumpier.

I read lxer.com everyday since it provides a good aggregation of linux-related news. On clicking on this link to h-online I was shown a pop-up in the top left corner letting me know that h-online uses cookies, and by clicking close my consent to be tracked is assumed. A link was given to a page where I could opt out, and another link to etracker was provided on that page. Clicking on that and eventually getting past the captcha told me that etracker will no longer track my browser (so I have to do it for chrome, chromium, and iceweasel? And on every one of my six computers?)

I signed up for my first dial-up internet connection in 1996, and as far as I can remember cookies were heavily discussed already back then. However -- and again this is as far as I can remember -- accepting cookies wasn't necessary since not every website + their mum was using them to track you. 

As far as I can see there are a few reasons why websites want to set first or third party cookies:
* Ads. Targeted ads.
* Information. Which is then sold to companies tailoring ads.
* Automatic log-in and customisations
* Because everyone else is doing it

I've cleared my cache, but I saw cookies from the Swedish ministry of foreign affairs, among others. I find it difficult to imagine a legitimate reason for them to set a local cookie on my computer. I don't think there is any evil intent behind it -- instead it's probably a case of 'why not?'.

It's easy enough to set your browser to block all cookies or to automatically delete them on closing your browser. Some browsers allow you to accept cookies on a site/provider basis. This easily leads to you having to click pop-up after pop-up after pop-up...

The ideal case -- from the point of the user -- is one where you block all cookies and add exceptions for sites that YOU deem have legitimate reasons to set cookies and where YOU benefit from having cookies set.

A little experiment. Try disabling cookies completely, and then log-in to your blogger or gmail account. Try adding an exception for google servers only, then log in to blogger -- you get stuck in a nice little loop which only gets broken if you add an exception for blogger.

In fact, I can't even do much on the university network without allowing cookies -- the university wants to set cookies in order to allow me to do just about anything.

Anyway, after that rant, here's how you might want to manage your cookies in google chrome:
Got to settings in google chrome and type in cookies

Click on Content Settings.
* Block sites from settings any data
* Block third party cookies and site data
Then click on Manage Exceptions 

 Add sites YOU feel should have the right to add cookies.
With google and blogger you have little choice: in order to use those sites you need to enable cookies.
Note that wildcards are added using [*.]

You may also want to clear you cache to get rid of cookies which have already been set.
Continuously add exceptions for sites which you want to grant the ability to set cookies. 

You can also add sites by clicking on the cookie icon to the right of the URL field in your browser:

Take a look at what cookies are set every now and again.

If you find that you have plenty of cookies like these:

it's likely because you have the Google Opt Outs enabled:

No comments:

Post a Comment