I never seen it summarized so fucking well. And meanwhile, it happens CONSTANTLY, but they pretend it’s impossible to happen and never has actually happened
With quantum computing around the corner that key is useless. So not only is my data then shared with the EU, china and US will also have a little look
Hey, what’s up guys ! it’s me, ya boy SlickPunk278…Nathan…Today, I am gonna be Beat boxing the tetris theme to the beat of my dying wife’s heart rate…Nathan, for the love of God, call the nurse…ready guys ? Let’s go! 122pbm…146bpm…Nathan,please!…167pbm… please help me …184bpm…it hurts …202pbm…That was it ! Hope you enjoyed it guys. Don’t forget to like and subscribe, we’re so close to 100 subs !
Besides using session cookies, they can track user agent and IP address. The two in combination will be unique enough. There are further metrics to make a unique identifier, but I think this is sufficient explanation.
Edit: Seems like people who don’t know how to program besides super default methods are downvoting me.
You don’t need cookies to hold session ID. If you programmed in the earlier days, you’d actually even know cookie session wasn’t even the most common method before. For example, session ID can be passed around in the URL as another query parameter. You can even literally turn off cookie option in sessions in languages like PHP (ex: www.php.net/manual/en/session.configuration.php#i…). These kind of practice is still relatively quite common as it allows greater flexibility and not have your session ID bound to a domain.
Furthermore, you don’t have to be restricted by the confines of whatever existing tools you already have. Like in the example I gave at the beginning, you can create your own unique identifiers. You don’t have to use preexisting concept of session at all. If you can create any unique key-value pair, you can track and keep data without the use of sessions. Programmers are hired to create things that never existed before, be more creative.
Either you store it in a cookie which the browser passes to the server for you, or you store it in a url parameter and you (or your html / temp laying Generation framework, or some JavaScript manipulation) needs to ensure all links or other server calls like POST, will need to include that session ID passed back to the server.
And this talk about IP addresses is complete nonsense because of Proxies and NAT and a ton of other reasons. You can attempt to use it in combination with a session ID, but you certainly cannot use that alone.
Actually for most people, the browser sends enough information in the headers, ignoring cookies, to identify them as unique. You can check out an experiment about this at www.amiunique.org/fingerprint. Combining that with an ip gets you pretty close.
Well that’s still a form of session ID. But you are saying things like “most people” and “pretty close”, so it’s not a very good session ID, since it’s not guaranteed to be unique.
First of all, this comment chain is about being able to keep tabs on someone without storing information locally on the user’s computer. If we create a new form of session ID equivalent that doesn’t store information locally, I have achieved the goal to the problem that was raised. The issue wasn’t whether or not we needed concept of something equivalent to a session ID.
[…] will need to include that session ID passed back to the server.
Yes, that’s exactly what we used to do in the '00s. Look at softwares like osCommerce v1 and 2. We literally put money behind this method of tracking.
And this talk about IP addresses is complete nonsense because of Proxies and NAT and a ton of other reasons. You can attempt to use it in combination with a session ID, but you certainly cannot use that alone.
Yes, you can use that alone. Without session ID. The other commenter already addressed why this isn’t true. Also context matters. Pretty close is a good enough of a session ID replacement for purpose of tracking whether or not they consented to the cookie policy. If I did a concat of IP, and various fingerprints (and put a hash on it to make it shorter), I can easily reach one in trillion probabilities. I wouldn’t build a secure military website on it because it’s easily forgeable, but it’s more than enough for cookie policy popup.
Depends on how the site is written to handle it. There's plenty of shopping carts, for instance, that do this. Other stuff, too. Here's a discussion of how it can be done with PHP on the server side. There's other options, as well.
it makes sense but the comic is slightly confusing because I think the character should be smiling in the last frame, as if thinking, hey they didn’t lie, it really doesn’t use cookies
make site notification that they don’t use cookie actually use cookie but code pages to always display notification be celebrated by users sell tracking data win from both ends
this is why I’m suspicious of everyone, all the time
TBH if you don’t restart then it’s going to take an hour before it lets you log in the next time you boot up. Just keep it going on Hibernate until you’re ready to let it update.
memes
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.