EU cookie nonsense

On Wed, 13 Nov 2019 21:44:50 -0000, Neil wrote:

On 11/13/2019 1:50 PM, Commander Kinsey wrote:
On Wed, 13 Nov 2019 18:19:48 -0000, Neil wrote:

On 11/13/2019 12:11 PM, Commander Kinsey wrote:
On Wed, 13 Nov 2019 17:06:32 -0000, David wrote:

On 13/11/2019 16:45, Commander Kinsey wrote:
I wonder, is a cookie required to remember that you selected not to
allow cookies?

I know you were joking .......

........ but I founnd this for you:-

https://www.whoishostingthis.com/res...cookies-guide/

Interesting (to the likes of me!)

I was pointing out the stupidity of the EU legislation, which is 10
times as annoying as cookies, as every ****ing page keeps asking me if I
want cookies! If I didn't, I'd turn them off on my browser, ONCE, not
on every page!

My point is, a cookie is required to store data about you. One of those
pieces of data would have to be "David doesn't want cookies", but in
storing that cookie, the site is then breaking the law. Which means
they have to ask you again next time!

If one doesn't want to allow cookies, one turns them off in their
browser. However, every site that relies on cookies will pop up those
annoying screens asking if you'll override that setting for their site.
If the person accepts that option, the site is logged into the
exceptions _in their browser settings_, not on the website.

So you're damned either way. Even if we (I'm in the UK) end up
(eventually!) leaving the EU, that **** will still be there, unless the
EU dissolves completely, which I was hoping might happen - countries
like Germany seemed to have a revolt going on similar to UKIP in the UK,
but nothing seemed to come of it.

However, there are many ways that things that are stored on a website to
track users, even across domains, and there is little a user can do
about it. Those methods get grouped into being called "cookies", even
though they aren't and there's no way for a user to opt out.

https://www.howtogeek.com/115483/htg-explains-learn-how-websites-are-tracking-you-online/


If they're all grouped into "cookies", then surely when I say "no", I
get none of them?

No...the methods I was referring to, several of which are described in
the linked reference, are NOT cookies. Visitors to a site will not be
asked if they want to accept them, and there is no way to block them.

If you want more privacy, get off line ASAP. But, even then you'll be
tracked by facial recognition technology. ;-)

See: "Blade Runner" 8-D

[books plastic surgeon]

On Wed, 13 Nov 2019 21:53:44 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

On Wed, 13 Nov 2019 19:18:14 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 17:11:58 -0000, "Commander Kinsey"
wrote:

My point is, a cookie is required to store data about you.

No, not "required", since cookies are just one way to store data.

Which makes the cookie law pointless.

One of those pieces of data would have to be "David doesn't want cookies", but in storing that cookie,

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the BBC", that would be stored in a BBC cookie surely?

No, it wouldn't makes sense to store a cookie preference in a cookie. It
should be stored as a browser preference.

But this is a preference for ONE website. I go to site A and say "yes I accept cookies", then I go to site B and say "no cookies". Where are these two entries stored?

The web
server will figure out that you don't like cookies when they send you one
or more and you don't send them back on your next request.

Doesn't seem so, people have reported that despite blocking them, they are consistantly asked with that bloody banner.

Yes, of course they get asked. The web server sends cookies. It's what they
do. You have no control over that, but you can control what happens on your
end. You can configure your browser not to send them back.

Then browsers need to include rejecting of banners when cookies are already off. It's pretty daft being asked permission for something you've already globally refused.

HTTP is a stateless protocol. The web server doesn't keep track of you or
what you're doing during your session. Heck, it doesn't even know you're
doing a 'session' since each request/response pair is standalone. The web
server needs some other way to tie your requests together. Cookies are one
popular way to do that, but not the only way. For example, rather than
stick a session ID into a cookie, some sites encode the session ID and
append it to the URI. There are other ways, as well.

This is one reason I normally just say yes to cookies. If I'm buying some stuff online, I don't want the shopping bag to go missing and forget what I was buying.

the site is then breaking the law. Which means they have to ask you again next time!

Web sites have to ask each time because they don't store your cookie
preference on their site.

They should do, to make it FAR less annoying.

Not practical, so no.

It must be possible to store it either at their end or on your browser.

Keep in mind that, unless you're taking active measures to strip cookies,
web sites can and will send cookies to you. There's nothing you can do
about that, short of the active measures mentioned above, including a web
proxy, for example. All your local cookie preferences do is control whether
your browser will *return* those cookies on subsequent requests.

But presumably if I say no on the EU cookie banner, they aren't allowed to send them.

I don't know what that banner says but here in the States we get a banner
or footer advising us that the site uses cookies to store user information.
There is no yes or no, just an acknowledgment that you understand.

All sites seem to design them differently, but you should be able to reject the cookies, or they're breaking the law if it happens within the EU. And if they were sensing you weren't in the EU, then they wouldn't give you any banner anyway.

On Wed, 13 Nov 2019 22:23:26 -0000, "Commander Kinsey"
wrote:

On Wed, 13 Nov 2019 21:53:44 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

On Wed, 13 Nov 2019 19:18:14 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 17:11:58 -0000, "Commander Kinsey"
wrote:

My point is, a cookie is required to store data about you.

No, not "required", since cookies are just one way to store data.

Which makes the cookie law pointless.

One of those pieces of data would have to be "David doesn't want cookies", but in storing that cookie,

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the BBC", that would be stored in a BBC cookie surely?

No, it wouldn't makes sense to store a cookie preference in a cookie. It
should be stored as a browser preference.

But this is a preference for ONE website. I go to site A and say "yes I accept cookies", then I go to site B and say "no cookies". Where are these two entries stored?

As people have been saying, those are browser preferences. They are stored
along with the rest of your browser preferences. In Firefox, for example,
cookie exceptions are stored at http://aboutreferences#privacy behind the
Manage Permissions dialog.

snip

It must be possible to store it either at their end or on your browser.

Not at the web server end. How would they identify you, and why should they
store information on someone who may have made a single visit and will
never come back? No, it's much better to store cookie prefs at the browser
side.

All sites seem to design them differently, but you should be able to reject the cookies
snip

You can't reject cookies unless you're willing to configure a proxy of some
kind, but you can ignore them. Here's what Google says regarding their
Chrome browser:

In Chrome

On your computer, open Chrome.
At the top right, click More Settings.
At the bottom, click Advanced.
Under "Privacy and security," click Site settings.
Click Cookies.
From here, you can: Turn on cookies: Next to "Blocked," turn on the
switch. Turn off cookies: Turn off Allow sites to save and read cookie
data.

On Wed, 13 Nov 2019 23:03:47 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 22:23:26 -0000, "Commander Kinsey"
wrote:

On Wed, 13 Nov 2019 21:53:44 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

On Wed, 13 Nov 2019 19:18:14 -0000, Char Jackson wrote:

On Wed, 13 Nov 2019 17:11:58 -0000, "Commander Kinsey"
wrote:

My point is, a cookie is required to store data about you.

No, not "required", since cookies are just one way to store data.

Which makes the cookie law pointless.

One of those pieces of data would have to be "David doesn't want cookies", but in storing that cookie,

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the BBC", that would be stored in a BBC cookie surely?

No, it wouldn't makes sense to store a cookie preference in a cookie. It
should be stored as a browser preference.

But this is a preference for ONE website. I go to site A and say "yes I accept cookies", then I go to site B and say "no cookies". Where are these two entries stored?

As people have been saying, those are browser preferences. They are stored
along with the rest of your browser preferences. In Firefox, for example,
cookie exceptions are stored at http://aboutreferences#privacy behind the
Manage Permissions dialog.

I doubt all the browsers have a specific place to store EU legislation. Before this nonsense came out, we didn't have a choice to accept cookies from some sites and not others.

It must be possible to store it either at their end or on your browser.

Not at the web server end. How would they identify you, and why should they
store information on someone who may have made a single visit and will
never come back? No, it's much better to store cookie prefs at the browser
side.

You could store one small cookie with just an ID number on the browser, then all the data on the server. I'm surprised they don't do that, so the user can't see what they're storing about them.

All sites seem to design them differently, but you should be able to reject the cookies

You can't reject cookies unless you're willing to configure a proxy of some
kind, but you can ignore them.

When I say "no" in the EU-provided banner, surely I'm rejecting them?

Here's what Google says regarding their
Chrome browser:

In Chrome

On your computer, open Chrome.
At the top right, click More Settings.
At the bottom, click Advanced.
Under "Privacy and security," click Site settings.
Click Cookies.
From here, you can: Turn on cookies: Next to "Blocked," turn on the
switch. Turn off cookies: Turn off Allow sites to save and read cookie
data.

In article op.0a7v5oipwdg98l@glass, Commander Kinsey
wrote:

No, it wouldn't makes sense to store a cookie preference in a cookie. It
should be stored as a browser preference.

But this is a preference for ONE website. I go to site A and say "yes I
accept cookies", then I go to site B and say "no cookies". Where are
these two entries stored?

As people have been saying, those are browser preferences. They are stored
along with the rest of your browser preferences. In Firefox, for example,
cookie exceptions are stored at http://aboutreferences#privacy behind the
Manage Permissions dialog.

I doubt all the browsers have a specific place to store EU legislation.
Before this nonsense came out, we didn't have a choice to accept cookies from
some sites and not others.

yes we did.

site-specific preferences, particularly for cookies, has been an option
for at least 15 years, when i first started taking advantage of it.

On 13/11/2019 18.11, Commander Kinsey wrote:
I was pointing out the stupidity of the EU legislation, which is 10
times as annoying as cookies, as every ****ing page keeps asking me if I
want cookies!* If I didn't, I'd turn them off on my browser, ONCE, not
on every page!

The legislation permits, as a recent sentence said, to just continue
browsing without answering the question, and be interpreted as positive,
I allow cookies.

--
Cheers, Carlos.

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the BBC", that would be stored in a BBC cookie surely?

Firefox -- Options --Privacy-- Accept Cookies --
Exceptions.

https://postimg.cc/vxwg7wKR

(no scripting necessary to view)

It's been there for a decade, at least.
(That's from an old Palemoon, I'm on my laptop)
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

On Thu, 14 Nov 2019 01:36:16 -0000, Shadow wrote:

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the BBC", that would be stored in a BBC cookie surely?

Firefox -- Options --Privacy-- Accept Cookies --
Exceptions.

https://postimg.cc/vxwg7wKR

(no scripting necessary to view)

It's been there for a decade, at least.
(That's from an old Palemoon, I'm on my laptop)

I don't use Firefox.

[]'s

In English please.

Commander Kinsey wrote:
On Thu, 14 Nov 2019 01:36:16 -0000, Shadow wrote:

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the
BBC", that would be stored in a BBC cookie surely?

Firefox -- Options --Privacy-- Accept Cookies --
Exceptions.

https://postimg.cc/vxwg7wKR

(no scripting necessary to view)

It's been there for a decade, at least.
(That's from an old Palemoon, I'm on my laptop)

I don't use Firefox.

And? What's the name of your browser ? Hasenpfeffer ?

Paul

On 13/11/2019 18:47, Commander Kinsey wrote:
On Wed, 13 Nov 2019 18:16:51 -0000, Chris wrote:

Commander Kinsey wrote:
I wonder, is a cookie required to remember that you selected not to
allow cookies?

Nope. If you decline it keeps asking every time you visit the site
because,
as you say, it can't record your request. Very annoying.

There are plugins which try and ease the pain, but don't always work.

Since this nonsense has found it's way out of the EU to users all over
the world, other governments should be taking the EU to court over it.
The EU has no right to inflict this on non-EU countries, which would be
most of the world.

They're not.

On 13/11/2019 22:23, Commander Kinsey wrote:
On Wed, 13 Nov 2019 21:53:44 -0000, Char Jackson wrote:

HTTP is a stateless protocol. The web server doesn't keep track of you or
what you're doing during your session. Heck, it doesn't even know you're
doing a 'session' since each request/response pair is standalone. The web
server needs some other way to tie your requests together. Cookies are
one
popular way to do that, but not the only way. For example, rather than
stick a session ID into a cookie, some sites encode the session ID and
append it to the URI. There are other ways, as well.

This is one reason I normally just say yes to cookies.Â* If I'm buying
some stuff online, I don't want the shopping bag to go missing and
forget what I was buying.

Those are "session" cookies which are exempt from the EU regs as they
are required for the functioning of the site and are never stored beyond
the end of the session. Nor do they store any personal information.

Saying "No" to cookies doesn't stop session cookies.

On Thu, 14 Nov 2019 00:34:24 -0000, Carlos E.R. wrote:

On 13/11/2019 18.11, Commander Kinsey wrote:
I was pointing out the stupidity of the EU legislation, which is 10
times as annoying as cookies, as every ****ing page keeps asking me if I
want cookies! If I didn't, I'd turn them off on my browser, ONCE, not
on every page!

The legislation permits, as a recent sentence said, to just continue
browsing without answering the question, and be interpreted as positive,
I allow cookies.

There is still a banner the size of an advert, which is very irritating.

But.... http://prebake.eu/ removes it apparently, I've just installed it.

On Thu, 14 Nov 2019 02:53:51 -0000, Paul wrote:

Commander Kinsey wrote:
On Thu, 14 Nov 2019 01:36:16 -0000, Shadow wrote:

On Wed, 13 Nov 2019 20:10:21 -0000, "Commander Kinsey"
wrote:

Cookie preferences are stored in browser prefs, not in cookies.

Global cookie preferences yes, but not "I don't want cookies from the
BBC", that would be stored in a BBC cookie surely?

Firefox -- Options --Privacy-- Accept Cookies --
Exceptions.

https://postimg.cc/vxwg7wKR

(no scripting necessary to view)

It's been there for a decade, at least.
(That's from an old Palemoon, I'm on my laptop)

I don't use Firefox.

And? What's the name of your browser ? Hasenpfeffer ?

Opera.

On Thu, 14 Nov 2019 03:07:35 -0000, Jim H wrote:

On Wed, 13 Nov 2019 16:45:39 -0000, in op.0a7cudxbwdg98l@glass,
"Commander Kinsey" wrote:

I wonder, is a cookie required to remember that you selected not to allow cookies?

My Libertarian tendencies say the person involved should be required
to set his browser to not accept any cookies unless he wants cookies.
That doesn't have to involve setting a cookie that says no cookies.

Barring that, then he should be responsible for saying NO when asked
if he wants cookies... which should be a site wide and ever after
decision, not page by page or on each repeated visit.

But... I'm pretty sure the EU nanny state doesn't intend to make
anyone fully responsible for making his own decisions. As sure as I am
that giving the user full responsibility by asking every time will
just **** off security conscious people who would rather the site read
their minds than bother them with making a decision in exchange for
content that in most cases is then free.

+1

If there's any universal truth to what goes on on the Internet it's
that no matter what, someone will whine about it.

And with good reason!

On Thu, 14 Nov 2019 09:41:48 -0000, Chris wrote:

On 13/11/2019 18:47, Commander Kinsey wrote:
On Wed, 13 Nov 2019 18:16:51 -0000, Chris wrote:

Commander Kinsey wrote:
I wonder, is a cookie required to remember that you selected not to
allow cookies?

Nope. If you decline it keeps asking every time you visit the site
because,
as you say, it can't record your request. Very annoying.

There are plugins which try and ease the pain, but don't always work.

Since this nonsense has found it's way out of the EU to users all over
the world, other governments should be taking the EU to court over it.
The EU has no right to inflict this on non-EU countries, which would be
most of the world.

They're not.

I've seen many a Canadian and American say they have to click the damn things. Sure, a site can detect your IP and decide you're not in the EU, but clearly some don't bother checking and just ask everyone.