Mozilla, Google and privacy

Posted Aug 15, 2009 20:01 UTC (Sat) by Tobu (subscriber, #24111)
In reply to: Mozilla, Google and privacy by njs
Parent article: Ubuntu removes "multisearch"

Yeah, but it is ineffective.

I have this option in Chromium and Firefox. All it does is check that the cookie setter (RFC 2965, the dom, maybe equivalents in html5 dom storage) requests a domain compatible with the current domain.

Content included from another domain works around it, and here both Firefox and Chromium have a myriad of cookies from adservers (these aren't leftovers, they get removed at the end of a session through another firefox setting).

The problem is that the effective way to prevent this (namespace cookies with the referer domain in addition to the cookie domain) hasn't been implemented, and these settings are just a distraction. I haven't tried Safari, but at least for the browsers I use, exposing them as "block third party/tracker/adserver cookies" is misleading. Maybe there is a reason fixing this is not that simple, but I suspect the reason is a big conflict of interest.