From kde-usability Mon Aug 18 13:30:13 2003 From: Gav Wood Date: Mon, 18 Aug 2003 13:30:13 +0000 To: kde-usability Subject: Re: Security and usability X-MARC-Message: https://marc.info/?l=kde-usability&m=106121352517360 > > They don't know *who* you are, but maybe in two years > > they get access to data that let's them assign your real name to your > > cookie. And then suddenly you are not anonymous anymore, even the things > > you did two years ago can be connected to your name. Is that "harm"? Yes, > > I think so. me too. > The same could be said about IP-numbers so we all had to start using > anonymizing proxies for everything. ip numbers are different in concept to cookies for several fundamental reasons. a nat, proxy or anonymising firewall will all provide an unreliable "tag" of a user. cookies provide a far more reliable tag of a user (technically cookies tag a browser installation on a specific hard disk, which is far more closely liked to the user than the ip address of the machine that initiated the http session). essentially, if ip address were a lot better than cookies for keeping track of the user, cookies would be obseleted. but they're not, which is why cookies have their niche and ip address are not considered reliable enough for user tagging. > So I'm really very sorry when I don't see how annoying user's with > cookie-warnings is increasing privacy. in essence you are right in that ip address could be used to tag some users better than cookies (namely those with static ips who connect directly to the website). however in the general case cookies perform the job better. what's more, it's far easier and costs much less (in features, time, money) to simply discard a cookie than to completely anonymise your http session. so if all cookies that are not neccessary to the functioning of a website were discarded, then it *would* surely lead to increased privacy. now, let's relate this to usability: i would imagine most users (generally) do not want to be bombarded with cookie acceptance questions each time they go to a random website. i personally don't mind "sifting through the rubbish" and only letting legitimate cookies through, but everytime a friend uses my machine they get annoyed with the incessent dialogs. so the software should become more clever and automatically accept cookies that are definately good (session cookies?), reject cookies that are bad (cookies from another server) and do something useful like tentatively accept cookies of unknown karma with an ignorable but informative passive popup. gav -- Gav Wood codito ergo non satis bibivi _______________________________________________ kde-usability mailing list kde-usability@mail.kde.org http://mail.kde.org/mailman/listinfo/kde-usability