this post was submitted on 16 Dec 2023
1475 points (98.7% liked)

Memes

45745 readers
1746 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] Nyfure@kbin.social 152 points 11 months ago (2 children)

The real MVPs are websites not needing a cookie banner because they only use required cookies for which you dont need a banner.

[–] manucode@infosec.pub 8 points 11 months ago (1 children)

They still have to inform you, right? Like with some banner at the edge of the page telling that they use cookies, just no need for a popup asking you to accept or decline.

[–] DrCake@lemmy.world 45 points 11 months ago (1 children)

No it’s only for tracking cookies. If you just have cookies for login, for example, then there’s no need to ask permission

[–] Sprucie 39 points 11 months ago (1 children)

And what tells you is how fucked the internet is since almost every single webpage asks to use tracking cookies.

[–] Zpiritual@lemm.ee 18 points 11 months ago

There is also the problem of sites without tracking cookies having banners just to be on the safe side.

load more comments (1 replies)
[–] msage@programming.dev 84 points 11 months ago (2 children)

Just FYI - it's mandatory to have a button like that next to the 'Accept all'.

Every site that doesn't do it should be reported.

[–] berkersal@iusearchlinux.fyi 36 points 11 months ago (4 children)
[–] tyrefyre@sh.itjust.works 39 points 11 months ago

Straight to internet headquarters of course.

[–] TheyCallMeHacked@discuss.tchncs.de 23 points 11 months ago (1 children)

The serious answer is to whatever your country's internet regulation agency is (assuming your in the EU, else you're out of luck). So for example, in France that would be the CNIL, in Germany it's the BfDI, etc.

[–] Nyfure@kbin.social 9 points 11 months ago

Just FYI Germany likes to make things more difficult, so with federation every sub-area is separated in many aspects and has own agencies for different things..

BfDI is only responsible for health and internet-provider institutions (and a few more).
Otherwise you can send it to the one where the company is located at, or always where you are located at. (they will forward it, but that can take a few months, so better to submit where it has to go).

load more comments (1 replies)
[–] Imgonnatrythis@sh.itjust.works 20 points 11 months ago

If that's so it's incredibly poorly enforced to the point where complaining is unlikely to have any effect at all. Most Sites have a button that leads To a secondary menu where cookie preferences can be set. Perhaps this meets the mandate you speak of? It's a much more common setup.

[–] Blackmist 42 points 11 months ago (1 children)

Or just sites that don't need a consent popup because they don't sell your shit.

[–] SirQuackTheDuck@lemmy.world 12 points 11 months ago

"well, we're not selling it, we're just using 247 advertising agencies to measure the general performance of our site. Nothing targeted, we'd never do that." - totally legit companies that absolutely value user rights

/s, if that wasn't obvious enough.

[–] cobysev@lemmy.world 33 points 11 months ago (2 children)

NEVER click decline all. There are loopholes built in that still grant access to "legitimate interest" cookies, which are recognized differently from "consent cookies." If you click reject all, it still allows collection of certain personal info through cookies labeled legitimate interest. Which is entirely up to advertisers to categorize.

As annoying as it is, always open up options and manually uncheck cookies.

[–] Imgonnatrythis@sh.itjust.works 41 points 11 months ago (2 children)

Seriously? Why does everything just have to be awful all the time now?

[–] Zink@pawb.social 16 points 11 months ago (1 children)

People moved away from "I want to make a living" to "I need every ounce of money I can get"

[–] cerement@slrpnk.net 15 points 11 months ago* (last edited 11 months ago)

capitalism removed the “I want to make a living” option and forced everyone into “I need every ounce of money I can get just to survive”

[–] BetaBlake@lemmy.world 5 points 11 months ago
[–] myster0n@feddit.nl 6 points 11 months ago

With TCF 2.2 "legitimate interest" is no longer allowed (but that's probably only for IAB members). At our company we already had a rule where we disabled all "legitimate interests" from our vendors, so I assume there are other companies that do the same.

[–] ViscloReader@lemmy.world 33 points 11 months ago

The real MVPs are website not having cookies altogether

[–] hobbicus@lemmy.world 32 points 11 months ago (4 children)

I highly recommend the Firefox extension “I still don’t care about cookies” as a great successor to the original

https://addons.mozilla.org/en-US/firefox/addon/istilldontcareaboutcookies/

[–] LemmyKnowsBest@lemmy.world 5 points 11 months ago (1 children)

by the way, I've always been subconsciously curious but never asked anybody, what happens when we click "ok yes I accept cookies?" And What happens if we click " not ok, I don't accept cookies?"

[–] kamen@lemmy.world 10 points 11 months ago

Depends on the implementation. If you decline, it's either 1) no cookies are written at all and you get promoted again the next time you visit that site or 2) a single cookie is written only remembering that you declined the prompt.

[–] fluckx@lemmy.world 3 points 11 months ago

I think ghostery has an auto decline all that works on most websites.

load more comments (2 replies)
[–] CyberEgg@discuss.tchncs.de 30 points 11 months ago* (last edited 11 months ago) (2 children)

My favorite banner is from geizhals.de that only says "We recognize you set "Do not track" and we respect that."

Edit: autocorrect corrected

[–] TheyCallMeHacked@discuss.tchncs.de 3 points 11 months ago

Yeah, my university's intranet (and I believe also their homepage, but I'm not sure) has the same

load more comments (1 replies)
[–] Rezzit@feddit.de 27 points 11 months ago (1 children)

In Firefox 120+ about:config -> cookiebanners.service.mode 2 (from 0)

No addons required.

[–] dutchkimble@lemy.lol 5 points 11 months ago (1 children)
[–] NationProtons@lemmy.world 10 points 11 months ago (2 children)

This seems to be the config: cookiebanners.service.mode = 1 (reject all) or 2 (reject all or fall back to accept all).

So on 2 it would reject all, and if not possible, accept all.

load more comments (2 replies)
[–] juli@programming.dev 22 points 11 months ago* (last edited 11 months ago)

Istilldontcareaboutcookies + cookieautodelete - you da real mvp

[–] pimeys@lemmy.nauk.io 17 points 11 months ago (2 children)
load more comments (2 replies)
[–] cerement@slrpnk.net 15 points 11 months ago (2 children)

✅ Delete cookies and site data when Firefox is closed

[–] bleistift2@feddit.de 9 points 11 months ago (2 children)

How do you delete data that’s already transferred to their servers while you visit the page? You don’t need a cookie to uniquely identify a user.

https://www.amiunique.org/fingerprint

load more comments (2 replies)
[–] original_reader@lemm.ee 3 points 11 months ago

Every browser can do that. Some can delete cookies when closing a tab or even when leaving a domain for another.

[–] baseless_discourse@mander.xyz 14 points 11 months ago* (last edited 11 months ago) (6 children)

I think they will break laws (in countries with basic respect for human right) if they don't have that option.

load more comments (6 replies)
[–] arc@lemm.ee 12 points 11 months ago (1 children)

Some US news websites still geoblock European visitors rather than fix their site to not track the ever loving fuck out of visitors who say no. So imagine what they're doing to their domestic visitors.

[–] BirdyBoogleBop@lemmy.dbzer0.com 9 points 11 months ago

I liked it when some news sites did plain text only if you didn't accept cookies. So no cookies, no ads and don't have to deal with your crappy css? Why would I ever accept that? It was wonderful.

[–] TWeaK@lemm.ee 11 points 11 months ago (4 children)

But does it really decline all, or are you agreeing to their "legitimate interest" of stealing your data?

Data collection is theft, change my mind.

load more comments (4 replies)
[–] cosmicrookie@lemmy.world 9 points 11 months ago* (last edited 11 months ago) (1 children)

See our legitimate partners (1724)...

I don't want my data sent to 1724 partners just because i am curious to see what that click bait of a title really meant

[–] HonoraryMancunian@lemmy.world 4 points 11 months ago

I think the moral of the story is don't fall for clickbait

[–] Iron_Lynx@lemmy.world 8 points 11 months ago (2 children)

how certain are you that this will truly block them all? Many of these things may have a "Legitimate interest" thing going on, and I do not trust those prompts to object to that by pressing "reject all"

load more comments (2 replies)
[–] TheDarkKnight@lemmy.world 7 points 11 months ago

Should be the default option

[–] Bransons404@lemmy.world 5 points 11 months ago* (last edited 11 months ago)

uBlock origin on Firefox blocks almost all tracking sites. You can enable cookies or disable them, it doesn't matter because they aren't sent anywhere. Unless the site has some homebrew tracking solution.

[–] Delta_V@midwest.social 5 points 11 months ago (1 children)

I hope that includes what other sites would call "strictly necessary". No thanks, if your site won't work without, then I don't need to visit.

load more comments (1 replies)
[–] Valmond@lemmy.mindoki.com 4 points 11 months ago

Ghostery plugin gang rise up!

[–] Cysioland@lemmygrad.ml 4 points 11 months ago

Haha Consent-o-Matic go brrr

load more comments
view more: next ›