Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 25 Oct 2014, 12:13
All times are UTC - 4
 Forum index » Off-Topic Area » Security
persistent forms of cookies described.
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Tue 27 Sep 2011, 21:22    Post_subject:  persistent forms of cookies described.  

http://nikcub.appspot.com/persistant-and-unblockable-cookies-using-http-headers
Quote:
The problem with these techniques is that they bypass user and browser privacy settings centered around cookies. You can block all cookies and yet ETag, Last-Modified and other methods can be used to track your browser.

In terms of Last-Modified, the spec says that it should be a date - but it also mentions that there are potential issues with the clock being out of sync. Most library implementations simply store and replay the date string - they do not bother attempting to parse it since date parsing is such a pain in the ass. Browsers are doing the same thing, which is why this bug exists. It means that Last-Modified works just as well as a cookie, but without the privacy controls

I will be filing a bug report with the open source browsers and requesting that the date is parsed properly. This won't completely solve the problem, since users can still be tracked by setting a unique datetime - but perhaps one of the more innovative browser's will come up with a solution where the time is rounded off to the nearest hour, and some basic sanity checking is done. There is no other real solution, other than clearing and disabling your cache, but conditional GET's still take place during a browser session with some browsers.

Try this bug out yourself by using the demo page I have setup.


Interesting stuff but I am not clever enough to know what to do about it.

Does it help to manually delete the files that store it? Where?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
Sylvander

Joined: 15 Dec 2008
Posts: 3463
Location: West Lothian, Scotland, UK

PostPosted: Wed 28 Sep 2011, 02:22    Post_subject:  

What I normally do...
Is to not save the session.
i.e. No auto-save during the session...
And choose to not save at shut-down.

Don't know enough to be sure that effectively does the job of not saving any of the cookies stored by the web-browser.
Back to top
View user's profile Send_private_message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Wed 28 Sep 2011, 03:15    Post_subject:  

Use Growl Security enhancements in the Beta 5 of Slacko
Menu/Network

_________________
Puppy WIKI
Back to top
View user's profile Send_private_message Visit_website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 28 Sep 2011, 09:35    Post_subject:  

Thanks guys, both of these solutions needs the knowledge you two have Smile

Sylvander. Yes I did a few experiments but I guess me not clever enough

and most importantly as long as you have the partition mounted that you boot from. And to unmount it while you have booted from it usually is not recommended is it? Then the cookie is set either way so them follow you until you reboot.

So does it really help? Okay it is gone after you reboot but that could be hours down the lane Smile

Lobster. I guess I should look into that one then.
But I am using SnowPuppy 5 most of them time and Lupu 528 next
and Slacko I only boot to be able to give reports on it.

it refuses to show pictures in 1024 x 768 so Slacko B1 to B5 is not for me!

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
Sylvander

Joined: 15 Dec 2008
Posts: 3463
Location: West Lothian, Scotland, UK

PostPosted: Wed 28 Sep 2011, 12:58    Post_subject:  

1. "...as long as you have the partition mounted that you boot from. And to unmount it while you have booted from it usually is not recommended is it?"
(a) Yes, the partition holding the pupsave file is auto-mounted, but I don't understand why you mention unmounting it. Confused
It isn't necessary to unmount [or is the proper term dismount?] the partition.
So no problem there.

2. "Then the cookie is set either way so them follow you until you reboot."
That's true, but...
It takes little effort/time to reboot.
And I do that often and frequently.

3. "So does it really help?"
I believe it does.

4. "Okay it is gone after you reboot but that could be hours down the lane"
I'm never online for hours at a time.
Normally work in short bursts of 1/2 or 1 hour.
Normally during a single session I only go to [at most, probably] 1 website that might leave cookies I wouldn't like, so...
I go to that at the end of a session.
Anything I want to save I do at the beginning of the session, and save then.
The stuff I don't want saved is done at the end of the session and not saved.
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 28 Sep 2011, 17:32    Post_subject:  

Yes one have to be that at it so them give up on following us around Smile

They made comments about FaceBook and it's tracking of users today in the local news here from Finland and Sweden's TV stations.
And IDG News has texts about it too. Some 60% disapprove of the latest policies of FB. Them abuse our privacy many seems to think.

so it is sad that such people should have that much power over us.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0549s ][ Queries: 12 (0.0054s) ][ GZIP on ]