Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 19 Jun 2013, 13:44
All times are UTC - 4

 Forum index » Off-Topic Area » Security
persistent forms of cookies described.
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [6 Posts]  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 9479
Location: SwedenEurope
PostPosted: Tue 27 Sep 2011, 21:22    Post subject:  persistent forms of cookies described.  
http://nikcub.appspot.com/persistant-and-unblockable-cookies-using-http-headers
Quote:
The problem with these techniques is that they bypass user and browser privacy settings centered around cookies. You can block all cookies and yet ETag, Last-Modified and other methods can be used to track your browser.

In terms of Last-Modified, the spec says that it should be a date - but it also mentions that there are potential issues with the clock being out of sync. Most library implementations simply store and replay the date string - they do not bother attempting to parse it since date parsing is such a pain in the ass. Browsers are doing the same thing, which is why this bug exists. It means that Last-Modified works just as well as a cookie, but without the privacy controls

I will be filing a bug report with the open source browsers and requesting that the date is parsed properly. This won't completely solve the problem, since users can still be tracked by setting a unique datetime - but perhaps one of the more innovative browser's will come up with a solution where the time is rounded off to the nearest hour, and some basic sanity checking is done. There is no other real solution, other than clearing and disabling your cache, but conditional GET's still take place during a browser session with some browsers.

Try this bug out yourself by using the demo page I have setup.


Interesting stuff but I am not clever enough to know what to do about it.

Does it help to manually delete the files that store it? Where?
_________________

I'm a noob so I use Google Search of Puppy Forum
Back to top
View user's profile Send private message 
Sylvander

Joined: 15 Dec 2008
Posts: 2885
Location: West Lothian, Scotland, UK
PostPosted: Wed 28 Sep 2011, 02:22    Post subject:  
What I normally do...
Is to not save the session.
i.e. No auto-save during the session...
And choose to not save at shut-down.

Don't know enough to be sure that effectively does the job of not saving any of the cookies stored by the web-browser.
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15109
Location: Paradox Realm
PostPosted: Wed 28 Sep 2011, 03:15    Post subject:  
Use Growl Security enhancements in the Beta 5 of Slacko
Menu/Network
_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 9479
Location: SwedenEurope
PostPosted: Wed 28 Sep 2011, 09:35    Post subject:  
Thanks guys, both of these solutions needs the knowledge you two have Smile

Sylvander. Yes I did a few experiments but I guess me not clever enough

and most importantly as long as you have the partition mounted that you boot from. And to unmount it while you have booted from it usually is not recommended is it? Then the cookie is set either way so them follow you until you reboot.

So does it really help? Okay it is gone after you reboot but that could be hours down the lane Smile

Lobster. I guess I should look into that one then.
But I am using SnowPuppy 5 most of them time and Lupu 528 next
and Slacko I only boot to be able to give reports on it.

it refuses to show pictures in 1024 x 768 so Slacko B1 to B5 is not for me!
_________________

I'm a noob so I use Google Search of Puppy Forum
Back to top
View user's profile Send private message 
Sylvander

Joined: 15 Dec 2008
Posts: 2885
Location: West Lothian, Scotland, UK
PostPosted: Wed 28 Sep 2011, 12:58    Post subject:  
1. "...as long as you have the partition mounted that you boot from. And to unmount it while you have booted from it usually is not recommended is it?"
(a) Yes, the partition holding the pupsave file is auto-mounted, but I don't understand why you mention unmounting it. Confused
It isn't necessary to unmount [or is the proper term dismount?] the partition.
So no problem there.

2. "Then the cookie is set either way so them follow you until you reboot."
That's true, but...
It takes little effort/time to reboot.
And I do that often and frequently.

3. "So does it really help?"
I believe it does.

4. "Okay it is gone after you reboot but that could be hours down the lane"
I'm never online for hours at a time.
Normally work in short bursts of 1/2 or 1 hour.
Normally during a single session I only go to [at most, probably] 1 website that might leave cookies I wouldn't like, so...
I go to that at the end of a session.
Anything I want to save I do at the beginning of the session, and save then.
The stuff I don't want saved is done at the end of the session and not saved.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 9479
Location: SwedenEurope
PostPosted: Wed 28 Sep 2011, 17:32    Post subject:  
Yes one have to be that at it so them give up on following us around Smile

They made comments about FaceBook and it's tracking of users today in the local news here from Finland and Sweden's TV stations.
And IDG News has texts about it too. Some 60% disapprove of the latest policies of FB. Them abuse our privacy many seems to think.

so it is sad that such people should have that much power over us.
_________________

I'm a noob so I use Google Search of Puppy Forum
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [6 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.0445s ][ Queries: 12 (0.0029s) ][ GZIP on ]