

Good cookie (Memcache version) - gabriel_b
http://www.gab.lc/scripts/good_cookie.php

======
gnosis
This is exactly the sort of thing developers who care about privacy can avoid
doing, and oppose when someone else does it.

See the following[1] article and thread for a discussion of why such
opposition is necessary (if it isn't obvious to you already).

[1] - <https://news.ycombinator.com/item?id=5386249>

~~~
jdangu
Your comment is not very constructive...

Of course, there is a strong divide between the internet industry (driven for
a large part by advertising) and the proponents of an ideal Internet that
respects people's privacy.

It seems to me that web publishers should be allowed to decide what ad
tracking they want to set up to monetize their website, as long as it's
disclosed and you can opt out. You're also free to take any action that you
deem to protect yourself against such tracking.

~~~
PavlovsCat
_as long as it's disclosed_

On the site for this thing it says it's " _100% transparent for the users_ ",
which is the exact opposite.

~~~
gabriel_b
As much as you guys are right in term of user's privacy, there are a few
points to remember :

\- data is anonymous. There is no easy way to retrieve all keys from Memcache
anyway. Its only purpose is to imitate the cookie's behavior. It won't store
more, it won't store less.

\- I strongly agree that users should be able to deny third party cookies or
cookies in general if they want. That is their right to privacy. However,
Firefox's move is going to kill the business of thousand of companies all
around the world (ad networks and traffic analysis companies) and I believe
that is an selfish move on their part. You should think about other people
when you develop these types of tools and activate them by default.

I think it's normal for us to defend our jobs.

~~~
PavlovsCat
_I think it's normal for us to defend our jobs._

It's not normal to stumble blindly into them. It's not like people wake up one
morning with randomly assigned jobs. Depending on the kind of job, it's also
normal for everyone else to defend themselves against that job. Avoid such
jobs.

------
seppo0010
That code implies that two computers using the same browser from the same IP
will share sessions, or I'm reading it wrong?

~~~
byroot
Yes, they will share their cookies. So if you use these "Good Cookies" (sic)
to store your session key you will have some huge troubles with corporate
proxies and also 3G connections since a lot of mobile ISP transparently proxy
HTTP and that a lot of people use the same mobile browsers.

~~~
jdangu
Why would you store your session key with this? It's not meant for first-party
domains.

~~~
drivebyacct2
Ironically, it's probably at least as useless for third-party trackers.

Here [advertiser], here's statistics that could correlate to a user, or to a
group of users at a conference, or to a group of random people at a coffee
shop or some disjoint group of people sharing wifi at an apartment complex.
Sorta defeats the point of tracking.

------
snaky
But there is cookie handover technique that uses 1st party cookie

<http://www.liesdamnedlies.com/2006/11/the_joys_of_cro.html>

------
yahelc
Google Analytics uses first party cookies, not third-party cookies, so it is
unaffected by Firefox's changes.

------
ratherbefuddled
An extremely naive implementation of a morally dubious idea. Not a good advert
for the company behind it.

Would a good solution be to have your browser spoof the user agent to FF21?

------
cbsmith
Welcome to ad serving 101.

------
pasbesoin
I've been watching this whole "tracking" thing, along with now this latest
twist. I avoided writing this reaction the other day, but now:

 _If you have to hound me to sell me your product, you've already failed._

I realize this doesn't reflect the reality of the world, and perhaps myself --
were I to reflect in a fully informed fashion upon myself. But it is my
considered, "rational" reaction and approach to the situation.

Make a quality product that is useful to me, and I'll seek you out. Otherwise,
fuck off. You and your business model can crawl off into a dark corner and
die, please.

Oh, is that a bit harsh? You deserve no better, you "business" (ueber alles)
absolutists.

~~~
spullara
This really makes no sense. How will you seek out a product or solution that
you don't know exists?

~~~
pasbesoin
Some degree of analytics to determine how users are interacting with your
online property, I understand. And, I understand that many want to source
those analytics to a third party (e.g. Google Analytics).

However, the third party tracking that enables advertisers to notice a view or
interest and then "haunt" users across multiple sites for days with ads
related to that view?

That aggregate and warehouse such knowledge, building up extensive profiles
that become their own form of property and that may be used and sold against
the target user's own best interest? (So, you're looking at information
related to diabetes? I bet health insurers would be interested in that...)

I have very little sympathy for those use cases.

------
drivebyacct2
And the rest of us will start setting up to sue the first person to use this
and simply hand off my cookie to the other person sitting at the same coffee
shop as me.

