Thomas Reinke wrote: > There is no easy patch to this problem. The only solution I > can think of, which is not an easy one, would be to have browsers > have intimate knowledge of what constitutes an organization's > "domain of influence", and limit cookies accordingly. This > is essentially impossible to implement. A better solution would be explicit (ie: finer grained) control of cookies. Not as finely grained as the prompt option of Lynx, but more specific than the current Netscape settings. > (Consider domain.city.state.country - where is the allowable > domain of influence here? Probably 4 levels deep, but how > to indicate this to the browser). Perhaps this would be an exercise best left up to the user, as there is currently no way to indicate the scope of the authority (harmless TLD, country, normal domain, etc) in the DNS system. [snip] > Unless someone can think of some sinister twist to which this > capability can be put to use? Considering the recent doubleclick.net situation, by which they were able to track people across all sites that had doubleclick.net banners (thanks to the cookie specification allowing for cookies to be sent with images as well as HTML content), and was able to correlate this with a database the company had merged with earlier in the year. They claimed they'd not used the information for tracking, and were found to be lying. They've once again claimed to allow people to opt out via another cookie, and are currently being sued in California. This is why I reccomend using a tool like junkbuster (http://www.junkbuster.com and http://www.waldherr.org/junkbuster/ ) which allows explicit "opt in" cookie control for domains that is transparent to the end user (once it is set as a proxy via a manual setting or auto configure URL). You can set it to deny or allow all cookies by default, and allows for exclusions to the deny policy of read only cookies, and read write cookies (ie: certain domains can get and set, while others can only get). -- Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:46 PDT