Firefox Will Soon Block Third-Party Cookies

124 点作者 PhearTheCeal大约 12 年前

14 条评论

chewxy大约 12 年前

I don't really like this. I work in the advertising industry and retargeting is honestly one of the most exciting things to come out.Sure there are ways of cookieless retargeting, but it is a hassle. I mean, everyone's heard of Samy's Evercookie right? Then there are TCP stack signatures, and other companies like a few European DSPs that use cookieless tracking to track a person (IMO it's quite easy to use a GET pixel to actually capture a person's TCP stack).You can use 3rd party cookies for good and evil. For example, for my personal project, Fork the Cookbook (<a href="http://forkthecookbook.com" rel="nofollow">http://forkthecookbook.com</a>) I'm working on using pixel drops to track how many people fork recipes from embedded recipes (how else would one measure success of an idea). Most analytics softwares like Google Analytics uses 3rd party cookies.I'm not too sure about evil uses of 3rd party cookies. I do not consider retargeting to be evil. Other stuff like tracking browsing history can be done but it is extremely inefficient, and does not really return much for the amount of time and effort invested into it.What about PII you ask? Start with drop sites, where people willingly submit their personally identifiable information, and then it's up to the DMPs to actually correlate the data, which can then be used as ad targeting information. As far as I can tell, even with the big hoohaa over companies like Rapleaf, the truth of the matter is that it's very very inefficient so far.Privacy is simple IMO. Don't submit your information to websites that ask for anything more than what is needed. Banning third party cookies is like using a cannon to shoot a mosquito.

评论 #5272190 未加载

评论 #5272092 未加载

评论 #5272079 未加载

评论 #5272148 未加载

评论 #5272101 未加载

评论 #5272113 未加载

评论 #5272873 未加载

评论 #5272117 未加载

评论 #5272614 未加载

评论 #5272676 未加载

评论 #5272940 未加载

评论 #5272833 未加载

NelsonMinar大约 12 年前

I blocked third party cookies in Chrome for awhile and finally gave up. It broke a surprising number of things, particularly Disqus embeds. Also the Instapaper bookmarklet although I admit that's a nerdy special case. Hopefully Firefox will have a way to let the user enable the few places where third party cookies are desired. That's a hard user interaction to get right.(Disqus apparently now works without third party cookies: <a href="http://help.disqus.com/customer/portal/articles/466235-enabling-cookies" rel="nofollow">http://help.disqus.com/customer/portal/articles/466235-enabl...</a>)

评论 #5272279 未加载

评论 #5272248 未加载

评论 #5272308 未加载

评论 #5272950 未加载

评论 #5272463 未加载

评论 #5272171 未加载

评论 #5272486 未加载

robmil大约 12 年前

For those about to bemoan the breaking of things like Google Analytics: this patch only blocks third party cookies from domains that the user has never visited before. Since 99% of your visitors will have visited google.com, your Analytics should continue to function even after this update.

评论 #5272063 未加载

评论 #5272128 未加载

评论 #5272088 未加载

jacquesm大约 12 年前

Excellent. Now we need to block third party javascript and then we have a chance at a more secure web. After all, any third party javascript could be done by an underwater call between the server and the provider of the service.

评论 #5272068 未加载

评论 #5272295 未加载

JoshTriplett大约 12 年前

I don't actually think this policy will have the desired effect of improving privacy and similar.While I do think advertisers and analytics abuse third-party cookies, they also have a dozen other things they can switch to that the browser provides fewer facilities to control: <a href="http://samy.pl/evercookie/" rel="nofollow">http://samy.pl/evercookie/</a>Meanwhile, any legitimate services that rely on third-party cookies would have little choice but to switch to whatever mechanism the advertisers switch to, to remain functional.

评论 #5272443 未加载

评论 #5272234 未加载

sokrates大约 12 年前

This is awesome. I have had third-party cookies disabled in Chrome for a long time now, and I rarely experienced any issues with embeds (Disqus being the noteworthy exception). While Idespise third-party tracking embeds in general, they have gained significant traction on the web (the worst offender is of course Facebook). Since many people think site owners cannot be blamed for that (I think they can), blocking third-party cookies to me is the next best thing for the end user. Also, it's just intuitive to me; when I visit a shop, and I identify myself to the clerk, why should I automatically identify to all bystanders in the shop?

unclebucknasty大约 12 年前

With so many APIs in use, integrations, etc, there will be the potential for a lot of broken stuff. And many non-tech users won't understand why some sites suddenly stopped working. It will just present more challenges for developers of good apps that users want, in order to stop one set of specific behaviors that they do not want.But advertisers won't just go home. They will find other ways to reach people with possibly more obnoxious and/or invasive tactics.Reminds me of the spam problem. With all of the spam "solutions" and policies in place, it is now much harder than it should be for legit businesses to send emails to customers who've requested them. Yet spammers are still doing their thing with impunity.

Dylan16807大约 12 年前

<a href="http://yro.slashdot.org/comments.pl?sid=3488893&cid=42991759" rel="nofollow">http://yro.slashdot.org/comments.pl?sid=3488893&cid=4299...</a>Uh oh. Any site that you visit even once can give you a cookie and suddenly become immune to third-party blocking.

评论 #5272271 未加载

dfgonzalez大约 12 年前

I don't like this, beyond the discussion if 3rd party cookies are good or bad, these measures are always for the worst.Not long ago IE set DoNotTrack by default. What happened? Every single company that respected the user decision for DoNotTrack, stopped doing so since it wasn't the user, but a browser the one who decided that.Long story short: All the effort done with DoNotTrack was wasted.With this story, cookie tracking is far from perfection. It might be great for ad companies, might me useful for retailers and might be creepy for some users, but IMO is the safest way there's to date to keep the equilibrium. There are choices to be protected from cookie tracking and there's plenty of information.

评论 #5273044 未加载

lubos大约 12 年前

I don't think third-party cookies are such a big deal. It won't stop retargeting (workarounds are possible) so what is it really solving?

评论 #5272278 未加载

gtani大约 12 年前

Per links on Duckduckgo, i installed FF plugins: noScript, privacyFix, doNotTrackMe, HTTPS everywhere, adBlock. Now maybe 5-8% of sites i visit show no content whatsoever, and maybe 1/3 of all sites total are broken. For those, Chrome<a href="http://fixtracking.com/#firefox" rel="nofollow">http://fixtracking.com/#firefox</a>

taf2大约 12 年前

this is short cited. we don't even know or can imagine the type of interesting applications we are eliminating by saying no to third party cookies. I remember building a reservation widget that loaded via an iframe on a third party domain. Perhaps we would want to maintain some of the reservation history on the users browser (e.g. third party cookie). I believe this would still work, but as we continue to focus only on the use case of advertising and blocking re-marketing ads... we should remember there are other legit use cases for third party cookies.

cft大约 12 年前

I cannot fully rationalize it, but I intuitively feel that this "holier than thee" Mozialla's approach will ultimately contribute to Firefox's demise.

评论 #5272213 未加载

评论 #5272392 未加载

dangrossman大约 12 年前

"Firefox Abandons Standards, Will Soon Stop Honoring HTTP Specification, Throwing Away Valid Headers It Doesn't Like". Admittedly, I'm biased.

评论 #5273032 未加载