Archive for Downsizer For an ethical approach to consumption
 


       Downsizer Forum Index -> IT Matters
vegplot

New ‘Super Cookies’ Can Track Your Private Web Browsing

And Apple users can't get rid of them...

Read more: http://uk.businessinsider.com/super-cookies-hsts-security-private-2015-1#ixzz3OSSR93A8
Nick

Well, they can. They just use something other than Safari. Windows users using Safari also can't get rid of them, presumably? One shouldn't confuse hardware with software.

There's certainly the ability to clear cookies on iOS devices, depending on the browser.
vegplot

Well, they can. They just use something other than Safari. Windows users using Safari also can't get rid of them, presumably? One shouldn't confuse hardware with software.

There's certainly the ability to clear cookies on iOS devices, depending on the browser.


Not owning an iOS can you install browsers other than the built in Safari?
Nick

Yep. I use chrome all the time.
vegplot

Yep. I use chrome all the time.


It was s stupid question. I should know we test against iOS devices.
kGarden

I know squat about HSTS, clearly! :

"Most websites place what’s called a “cookie” on visitors’ computers, which is used to track them and record their preferences. It’s how websites can remember your password, for example."

Really? Can't say I've checked, but I would be worried if Passwords were remembered by cookies My browser pre-fills the ones I've asked it to, I assume it uses something more robust than cookies.

Cookies would store a session number, which would "keep" me logged in, but "passwords"??

"Firefox has since developed a solution to the issue, by no longer carrying HSTS over to private windows. It is, however, a trade-off — favouring “privacy over security,” Greenhalgh writes. If you're trying to buy something from a web site using a private Firefox tab and you load an unencrypted version of the page, then it won't correct you — meaning your credit card info won't be encrypted once you send it."

Surely it would redirect to secure protocol? Otherwise how would it ever switch to secure protocol the very first time you accesses the site?
dpack

privacy requires going dark

partial privacy can be achieved with tor,linux and newer versions of pgp in combination afaik

even(especially)secrecy protocols have back doors

look at or say or do what you are willing to share in a way you are willing to share it with those who might be interested .

as far as mainstream commercial stuff they are only interested it what to try to sell you and what sort of risk you pose to their investment in insurance .
vegplot

Really? Can't say I've checked, but I would be worried if Passwords were remembered by cookies My browser pre-fills the ones I've asked it to, I assume it uses something more robust than cookies.

They're often stored in a locally stored file as far as I know.

The article is more of a heads up rather than anything proactive someone can do as an end user.
dpack

re passwords

dont do anything online that requires security and then passwords dont really matter

put a limit on paypal etc that requires a phone call and further security to exceed ,dont do online banking or use a debit card (duh)etc,dontb post birthdays addresses etc.

online security is a myth ,just ask yourself if only god knows everything why does he report to mossad even when he does not mean to?

the correct answer to that question would show promis. Laughing
oldish chris

I use Firefox.

If I decide to go somewhere inadvisable, (usually to see which sucker's system wants me to log on to their version of Paypal and confirm my details) I use a strange browser called Midori with privacy settings on.

However, when I close my browser down for the day (I like to close down completely, in the olden days we called it a "graceful close-down"), my lappy is still busy, system monitor tells me that its firefox (but its disappeared from the laptop).

I wonder what the bloomin thing is up to? Sorting out its cache of tracking and advertising stuff?
kGarden

when I close my browser down for the day (I like to close down completely, in the olden days we called it a "graceful close-down"), my lappy is still busy, system monitor tells me that its firefox (but its disappeared from the laptop).

Pah that's nothing! When I boot up and BEFORE I open Chrome, its grabbed itself a GB or so of memory ... I have NO idea what it is up to at that point ...
dpack

that sounds like a serious secure and clean might be required vegplot

I use Firefox.

If I decide to go somewhere inadvisable, (usually to see which sucker's system wants me to log on to their version of Paypal and confirm my details) I use a strange browser called Midori with privacy settings on.

However, when I close my browser down for the day (I like to close down completely, in the olden days we called it a "graceful close-down"), my lappy is still busy, system monitor tells me that its firefox (but its disappeared from the laptop).

I wonder what the bloomin thing is up to? Sorting out its cache of tracking and advertising stuff?

Linus Torvalds knows exactly what you do and when you do it.
oldish chris

I use Firefox.

If I decide to go somewhere inadvisable, (usually to see which sucker's system wants me to log on to their version of Paypal and confirm my details) I use a strange browser called Midori with privacy settings on.

However, when I close my browser down for the day (I like to close down completely, in the olden days we called it a "graceful close-down"), my lappy is still busy, system monitor tells me that its firefox (but its disappeared from the laptop).

I wonder what the bloomin thing is up to? Sorting out its cache of tracking and advertising stuff?

Linus Torvalds knows exactly what you do and when you do it. You do realise that you are offending my deeply held beliefs. Wink vegplot

You do realise that you are offending my deeply held beliefs. Wink

Excellent!
oldish chris

You do realise that you are offending my deeply held beliefs. Wink

Excellent!

Sitting there thinking whilst drinking tea, it occurred to me that I'm way, way more worried about getting a computer virus than of the risks of going to Hell! We must keep our priorities right.
dpack

this wont give "privacy"but it will get rid of pop up targeted adverts etc etc

download no script ,ad block plus and ghostery (well in billdoze os's) all are freeware( and seem backdoor free as well but im not smart enough to be certain).
this will block most cookies and re directs etc and they seem to compliment each other quite well

it is a bit of a pain to have to click a temporary allow this page button to see embedded video clips ,use java enabled comments etc etc but compared to getting one third page and two thirds adverts on the screen and wasting lots of bandwidth reporting to all and sundry that you read the footie results or like ballet or whatever.

the online news papers for example are pretty intrusive and sometimes there are many scripts,several objects and lots of cookies waiting forlornly at the gates Laughing
oldish chris

Thanks dpack. Made an improvement! dpack

yous welcome Wink

there are linux versions as well Wink Wink
oldish chris

yous welcome Wink

there are linux versions as well Wink Wink yup, the only OS I've bothered to learn how to use in the past 10 years. dpack

it does give more "bang for the buck" on most machines Laughing

unless im suckered into mainstream,like on this one cos i believe i need to run billdoze (what is a mac?)software such as pro level photoshop or falcon

the linux doze emulator wont run top end stuff for me
oldish chris

quality is "conformance to requirements".

When i first installed Linux, my top requirement was "free". Ability to develop sophisticated graphical websites wasn't on the list.

Having had the odd malware problem, not to mention once being hoaxed into stuffing up my PC, I'm comforted by Linux's reputation for security.

I keep tabs on developments, but the experts tell me that the way a typical end-user Linux system is set up, I'm close to bullet proof. (BTW /home directory encryption is an pain, and a software bug in my version of something means that if I need to use swap disk I've got some actual command line operating to do).

The one thing that was concerning me was that when I did a graceful closedown, with no active windows, I was still using the equivalent of 25% of a powerful CPU. Since I've installed ad-blocker, pages load more quickly and 2 seconds after closing the browser, everything is quiet.
vegplot

Since I've installed ad-blocker, pages load more quickly and 2 seconds after closing the browser, everything is quiet.

Reassuring.
vegplot

Ghostery is good BTW. Works on most browsers and a beta is available for IE. dpack

ghostery is ace ,i find it blocks the cookies that try to sneak in if i let the noscript blocker to temporarily allow movie clips or java stuff

and it tells you which sites are harvesting visitor's habits and selling the data.online news are very keen on targeted advertising etc

it isnt just about data harvest there are scripts etc that will lead the machine to places with malicious code.that type of attack can be missed even by goodish anti virus/anti malware stuff

i spose it is a bit like having curtains to stop folk staring at one eating toast

ps downsizer is very polite about data harvest Very Happy
       Downsizer Forum Index -> IT Matters
Page 1 of 1
Home Home Home Home Home