Essentially, when browsers started to initially implement toggles to block third party cookies more than a decade ago, advertisers in response pressured website hosts to mark their cookies as "essential/required" (AKA forced cookies). You will not get the same revenue as a website host if you do not play ball with this, and some go even a step further by routing/disguising their cookies through trusted domains (google, amazon, etc...) to mask the "true source" , in an attempt to mitigate detection from basic browser filters.
Ublock Origin and the like are pretty good at catching most of them through crowdsourced lists though.
Firefox's total cookie protrction is excelent. Basically cookies are sandboxed into site spesific boxes. So ie a facebook cookie can not be read by the favcebook script on another site. Only on the site that set the original cookie.
I'm not aware of that specifically, but LibreWolf by default blocks all cookies and allows you to set specific sites which can store cookies, very easily, using a sitr whitelist.
This combined with ublock origin should improve your privacy a lot without sacrificing any usability at all.
under settings,privacy and security, under cookies and site data (just above the "Clear cookies and site data every time you close Firefox" box) there's "manage exceptions" that will exclude your favorites from getting erased every time.
The firefox extension "forget me not" allows you to fully control which cookies are retained, which are deleted, and how/when. It's easy to customize individual sites on the fly. And it's open source!
Combined with "I still don't care about cookies," you almost never see or have to deal with another cookie consent banner.
Thanks, but not thanks, I don't want to be logging in every site every single time I restart my browser; I just simply use AdNauseam with DandelionSprout lists (not all tho), NoCoin lists, the integrated lists, then I use Decentraleyes for not having to depend on external CDNs for almost anything, HaGeZi as my DNS provider, and OpenSnitch for system-wide interactive blocking of any suspicious domains or IPs...
Oh, and hBlock, just to add a little more of paranoia, and ClamAV with Clamd and ClamOnAcc.
2nd panel means you have to do it again and again for every new website you visit, or if you clear cookies regularly. Using the ublock addon, you have to enable this setting once, and it is persistent across sessions.
Also getting rid of cookie banners doesn't mean the site won't track with third party cookies. The cookies are ON by default and until you tell them to turn it OFF, they keep the cookies on.
That's a good point.
However in the EU it should be the opposite - otherwise the site is violating GDPR.
Sometimes I have a feeling sites do whatever they want anyway regardless of bow many dark patterns I click through to find the "no" and "off" buttons because there are no real repercussions. Just like the "do not track" request and "robots.txt" are essentially useless.
That shit should be illegal. Accept all / reject all. That's it. If somebody is disabling cookies, literally nobody in the entire world wants any of them! "Oh yeah, please, only keep my location data but not the data about my purchase decisions"...
The EU didn't force anyone to have the cookie banners. If the site only uses nessecary cookies - the kind you can't turn off in the prompt - there doesn't need to any prompts because that's perfectly fine. The intrusive, obnoxious and deliberate confusing popups are from data harvesters throwing a tantrum because they can't stalk you every waking second any more, and complying in the most malicious and disrespectful way they can.
Cookie banners are nothing to do with the EU and everything to do with tech-bros.
The EU knew about DNT signals before GDPR was finalized and decided to ignore them. I know, I was a web dev at that time (and still am, yes I'm ancient in internet years). This is on the EU and techbros, but having internet explorer and other browsers like firefox (not sure if chrome did it?) enabling DNT by default would make tech bros upset, and the EU couldn't have that, so they made the tech bros a little happier by allowing the consent banners instead.
From the working party back then, which was promptly rejected in the final GDPR we have today:
2016
The Working Party recommends
rephrasing the requirements in the current Recital 66 of Directive 2009/136/EC. Instead
of relying on website operators to obtain consent on behalf of third parties (such as
advertising and social networks), manufacturers of browsers and other software or
operating systems should be encouraged to develop, implement and ensure effective
user empowerment, by offering control tools within the browser (or other software or
operating system) such as Do Not Track (DNT), or other technical means that allow users to
easily express and withdraw their specific consent, in accordance with Article 7 of the GDPR.
Such tools can be offered to the user at the initial set-up with privacy-friendly default settings.
Adherence to accepted technical and policy compliance standards must become a common
practice. In addition, website operators should respect and adhere to browser control tools or
other user preference settings.
2017
The Working Party recommends that terminal equipment and software must
by default offer privacy protective settings, and offer clear options to users to confirm or
change these default settings during installation. The settings must be easily accessible during
use. Users must be enabled to signal specific consent through their browser settings. Privacy
preferences should not be limited to interference by third parties or be limited to cookies. The
Working Party strongly recommends to make adherence to the Do Not Track standard
mandatory.
I mean.. The EU could've also said 'no privacy invasive cookies' instead of 'cookie Banner if privacy invasive cookies'. I don't think being able to disable is bad, I think they didn't go far enough (and also of course datapeople only comply in the most malicious way possible. It's literally their job, a job that shouldn't exist.)
Even the idea of tightening regulations for igaming has many EU countries frothing at the mouth, what makes you think that this didn't start as "no privacy-invasive cookies?"
If the cookies are nessecary for the site to technically function, you don't need to be promoted to accept. The law - which doesn't even mention cookies - allows the absolute minimum amount of data required to provide a service to be gathered. For a website, that included cookies for storing preferences, shopping baskets, login tokens, etc.
But it must still inform you and give you the right to not use the service if you don't want this form of collection happening, its just that you can't use the service and refuse the bare minimum they need to operate.
It was pretty crazy taking my phone from the United States to the EU and seeing all of the notifications of how my data is being shared by "free" apps! It just goes to show that the saying "if the product is free, you're the product" is 100% true!
Unfortunately some pages have started blocking scrolling when the cookie banner is not closed properly. That can also be fixed with uBlock of course, but I encounter that specific problem quite often.
Some sites do those blocks very haphazardly and you can get past just removing couple html-lines, they don't really care since most people won't bother to look (or don't know you can do it). At minimum it might just be "overflow: hidden" added on the top somewhere lmao. It's a pain to do but if it's something specific you need only once, might be worth to check
I still run umatrix in Firefox snd the level of calling out that even simple pages do is shocking. And likely all those called sites even for fonts are collecting something about you.
You can't get it from the store, but it still works as long as you already had it, install using a browser running Chromium V2 before updating, or install it from file, right? Better yet, switch to Firefox (but the most de-Mozilla'd one)
No it won't work. Chromium V3 disables or removes features that it relied upon to work. That's not to say they might not have found a workaround. But I'm sure it's harder and doesn't work as effectively.
Edit: also Firefox does not use Chromium. So yes switching to Firefox is a viable option. But in no way part of my point.
DNS blocking doesn't work with cookie prompts since they're from the same domain as the website. You need something like ublock origin which has the feature to block specific DOM components on the website.
And,
I want some of them to stay though, it wouldn't be a huge hassle to not have them, but I'm a bit lazy...
I wish there was an option to clear third-party cookies automatically
Advertisers get around that by masquerading their cookies to appear not third party.
I'm not aware of this. Can you elaborate?
Essentially, when browsers started to initially implement toggles to block third party cookies more than a decade ago, advertisers in response pressured website hosts to mark their cookies as "essential/required" (AKA forced cookies). You will not get the same revenue as a website host if you do not play ball with this, and some go even a step further by routing/disguising their cookies through trusted domains (google, amazon, etc...) to mask the "true source" , in an attempt to mitigate detection from basic browser filters.
Ublock Origin and the like are pretty good at catching most of them through crowdsourced lists though.
Holy shit that’s a good idea
Firefox's total cookie protrction is excelent. Basically cookies are sandboxed into site spesific boxes. So ie a facebook cookie can not be read by the favcebook script on another site. Only on the site that set the original cookie.
https://www.firefox.com/en-US/features/total-cookie-protection/
I wonder how difficult it would be
I'm not aware of that specifically, but LibreWolf by default blocks all cookies and allows you to set specific sites which can store cookies, very easily, using a sitr whitelist.
This combined with ublock origin should improve your privacy a lot without sacrificing any usability at all.
under settings,privacy and security, under cookies and site data (just above the "Clear cookies and site data every time you close Firefox" box) there's "manage exceptions" that will exclude your favorites from getting erased every time.
Yeah, this is what I do. Only wish mobile had the option.
I just press ctrl+i and add the website as an exception :P
The firefox extension "forget me not" allows you to fully control which cookies are retained, which are deleted, and how/when. It's easy to customize individual sites on the fly. And it's open source!
Combined with "I still don't care about cookies," you almost never see or have to deal with another cookie consent banner.
Pretty sure there is an "Allow" exception that you can use to keep cookies for the sites you want.
(I think you) click on the shield in the URL bar, and a small window comes, which should have a small toggle that says "Keep cookies and site data".
Cookie autodelete has whitelists, optionally different per container.
Thanks, but not thanks, I don't want to be logging in every site every single time I restart my browser; I just simply use AdNauseam with DandelionSprout lists (not all tho), NoCoin lists, the integrated lists, then I use Decentraleyes for not having to depend on external CDNs for almost anything, HaGeZi as my DNS provider, and OpenSnitch for system-wide interactive blocking of any suspicious domains or IPs...
Oh, and hBlock, just to add a little more of paranoia, and ClamAV with Clamd and ClamOnAcc.
If you were truly paranoid youd log into every site every time with an offline password manager protected by a yubikey.
Yubikey had a problem, yubico sold old devices with the problem and initially didn't want to patch it at all so they are pretty crispy burned if you are truly paranoid https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/
damn wtf. good thing I'm not that paranoid :P
I can't afford a YubiKey, and also I don't have the time to do that ad infinitum. Just not my thing.
In my experience uBlock origin doesn't really get rid of cookie consent banners/dark patterns. Damn good at bonking ads though.
are you sure you didn't forget to install the filter list? it's not on by default
Did you enable everything? I think the default is just ad block
having too many filters slows down pages significantly, you should keep only those you actually need
In the filter lists, there are three lists named annoyances. Just enable one of them, and these banners will be gone.
Aah, you are right. Lazy me actually never looked at those. Now I did and it seems to work just fine enabling the Annoyances > Cookie Banners.
See 2nd panel of comic.
2nd panel means you have to do it again and again for every new website you visit, or if you clear cookies regularly. Using the ublock addon, you have to enable this setting once, and it is persistent across sessions.
Also getting rid of cookie banners doesn't mean the site won't track with third party cookies. The cookies are ON by default and until you tell them to turn it OFF, they keep the cookies on.
That's a good point. However in the EU it should be the opposite - otherwise the site is violating GDPR.
Sometimes I have a feeling sites do whatever they want anyway regardless of bow many dark patterns I click through to find the "no" and "off" buttons because there are no real repercussions. Just like the "do not track" request and "robots.txt" are essentially useless.
Damn then that's great for EU users. You can really see how scummy these companies are on how they treat GDPR and non-GDPR countries.
Consent-o-matic is good too
I prefer to make things explicit if it can
“ NOOO YOU DON’T UNDERSTAND BRO! OUR BUSINESS MODEL DOESN’T WORK IF WE CAN’T DO MASS SURVELIANCE BRO!”
I DECLARE "LEGITIMATE INTEREST" !!
That shit should be illegal. Accept all / reject all. That's it. If somebody is disabling cookies, literally nobody in the entire world wants any of them! "Oh yeah, please, only keep my location data but not the data about my purchase decisions"...
I have good news for you: In the EU (which forced everyone to have the cookie-accept-banners in the first place) it IS illegal.
The EU didn't force anyone to have the cookie banners. If the site only uses nessecary cookies - the kind you can't turn off in the prompt - there doesn't need to any prompts because that's perfectly fine. The intrusive, obnoxious and deliberate confusing popups are from data harvesters throwing a tantrum because they can't stalk you every waking second any more, and complying in the most malicious and disrespectful way they can.
Cookie banners are nothing to do with the EU and everything to do with tech-bros.
The EU knew about DNT signals before GDPR was finalized and decided to ignore them. I know, I was a web dev at that time (and still am, yes I'm ancient in internet years). This is on the EU and techbros, but having internet explorer and other browsers like firefox (not sure if chrome did it?) enabling DNT by default would make tech bros upset, and the EU couldn't have that, so they made the tech bros a little happier by allowing the consent banners instead.
From the working party back then, which was promptly rejected in the final GDPR we have today:
2016
2017
Heck, the W3C was even talking about working to make it happen.
Point is, the EU sucked up to corporations, surprise surprise.
Receipts:
https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/index_en.htm
https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2016/wp240_en.pdf
https://ec.europa.eu/newsroom/article29/redirection/document/44103
I mean.. The EU could've also said 'no privacy invasive cookies' instead of 'cookie Banner if privacy invasive cookies'. I don't think being able to disable is bad, I think they didn't go far enough (and also of course datapeople only comply in the most malicious way possible. It's literally their job, a job that shouldn't exist.)
Even the idea of tightening regulations for igaming has many EU countries frothing at the mouth, what makes you think that this didn't start as "no privacy-invasive cookies?"
It is not fine, you still need to be informed and accept
If the cookies are nessecary for the site to technically function, you don't need to be promoted to accept. The law - which doesn't even mention cookies - allows the absolute minimum amount of data required to provide a service to be gathered. For a website, that included cookies for storing preferences, shopping baskets, login tokens, etc.
But it must still inform you and give you the right to not use the service if you don't want this form of collection happening, its just that you can't use the service and refuse the bare minimum they need to operate.
It was pretty crazy taking my phone from the United States to the EU and seeing all of the notifications of how my data is being shared by "free" apps! It just goes to show that the saying "if the product is free, you're the product" is 100% true!
I wonder how they can even find those 1142 partners to share my browsing data with
Poly culture is freaking wild.
Consent-o-matic is a better system, it actually inputs what you want it to answer for cookie banners
I don't really care if the box gets an answer or not
Amen. If the endpoint serves up the content I'm looking for our interaction is over. The site doesn't need a response.
Unfortunately some pages have started blocking scrolling when the cookie banner is not closed properly. That can also be fixed with uBlock of course, but I encounter that specific problem quite often.
Some sites do those blocks very haphazardly and you can get past just removing couple html-lines, they don't really care since most people won't bother to look (or don't know you can do it). At minimum it might just be "overflow: hidden" added on the top somewhere lmao. It's a pain to do but if it's something specific you need only once, might be worth to check
I want websites to all have a button that says “yeah you can sell my personal data but the website contractually agrees to give me half”
I still run umatrix in Firefox snd the level of calling out that even simple pages do is shocking. And likely all those called sites even for fonts are collecting something about you.
Yeah sure, give me whatever cookies aren't already blocked. I love cookies. Is that all of them?
(closes LibreWolf, which nukes everything except whitelisted sites)
...pathetic.
That plus containerised tabs for "dirty" websites
99.5% browsing in private mode
folds up the mat and goes home
Is this page worth my time....nope
*closes tab
Onto the next tab
Not if you're using a Chromium based browser. Ublock Origin no longer supported in Chromium v3.
There's your problem, pally.
You can't get it from the store, but it still works as long as you already had it, install using a browser running Chromium V2 before updating, or install it from file, right? Better yet, switch to Firefox (but the most de-Mozilla'd one)
No it won't work. Chromium V3 disables or removes features that it relied upon to work. That's not to say they might not have found a workaround. But I'm sure it's harder and doesn't work as effectively.
Edit: also Firefox does not use Chromium. So yes switching to Firefox is a viable option. But in no way part of my point.
Use adblocking DNS on your router, so you don't need to mess with every device separately
DNS blocking doesn't work with cookie prompts since they're from the same domain as the website. You need something like ublock origin which has the feature to block specific DOM components on the website.
But they will block those tracking cookies even if you "accept" to being tracked. But yeah, good point, best to combine both
My setup is by default all cookies are session cookies unless manually changed.
Unlock doesn't really give that as an option but Vivaldi has it built in.
LibreWolf, is my response.
How I stopped worrying and learned to love the Cookie
Repeat frame #2 again once you start using No Script extension on top of uBlock Origin
Cookie autodelete works great together with Firefox containers. Then add I don't care about cookies and the Internet becomes usable again.
iOS because not poor. Can’t block 😢
I'm not sure paying more for a worse experience is the brag you think it is.
This you? https://lemmy.zip/comment/26614649
Get the fuck off my instance.
Yikes. Thanks for the added context
Apple has got to be a big social experiment at this point, and the test subjects are to dumb to realize.
The rest of us are having a good laugh though
Poor judgment though.
https://apps.apple.com/us/app/1blocker-ad-blocker/id1365531024
I like this ad blocker for iOS. I think I paid $40 for lifetime access. Kinda a lot but the app works well and it’s worth it to not see ads.