Tag • #cookies

Beloved browser extension acquired by non-beloved antivirus firm

news.movim.eu / ArsTechnica · Friday, 16 September, 2022 - 17:49

Enlarge / Nearly every major site warns you about cookies, and it's a shame they share a moniker with one of life's great pleasures. (credit: Getty Images)

Browser extension I don't care about cookies does one job and does it well. It automatically removes the annoying-but-mandated "This website uses cookies" notices from websites. People like it, donate to it, and don't want more of it, a rare find for free software.

"Damn, this is the **** bro, it saved like 50 minutes of my gaming time lol," reads one review on the tool's Microsoft Edge Add-Ons page .

The tone changed when the solo developer posted " GREAT NEWS " on the extension's website. Avast, a giant in cybersecurity that just completed an $8.1 billion merger with NortonLifeLock , would acquire the 10-year-old software for an undisclosed price.

Read 9 remaining paragraphs | Comments

Microsoft Teams stores cleartext auth tokens, won’t be quickly patched

news.movim.eu / ArsTechnica · Thursday, 15 September, 2022 - 17:27

Using Teams in a browser is actually safer than using Microsoft's desktop apps, which are wrapped around a browser. It's a lot to work through.

Enlarge / Using Teams in a browser is actually safer than using Microsoft's desktop apps, which are wrapped around a browser. It's a lot to work through. (credit: Jernej Furman / Flickr )

Microsoft's Teams client stores users' authentication tokens in an unprotected text format, potentially allowing attackers with local access to post messages and move laterally through an organization, even with two-factor authentication enabled, according to a cybersecurity company.

Vectra recommends avoiding Microsoft's desktop client, built with the Electron framework for creating apps from browser technologies, until Microsoft has patched the flaw. Using the web-based Teams client inside a browser like Microsoft Edge is, somewhat paradoxically, more secure, Vectra claims. The reported issue affects Windows, Mac, and Linux users.

Microsoft, for its part, believes Vectra's exploit "does not meet our bar for immediate servicing," since it would require other vulnerabilities to get inside the network in the first place. A spokesperson told Dark Reading that the company will "consider addressing (the issue) in a future product release."

Read 6 remaining paragraphs | Comments

Google has a new plan for replacing browser cookies with ‘Topics API’ - Fact is you have to choose between adverts, donors or subscription payments for anything online

GadgeteerZA · news.movim.eu / gadgeteerza-tech-blog · Tuesday, 25 January, 2022 - 17:55 · 1 minute

Browser cookies, especially cross-domain cookies, make it easy to track people across the internet and collect data for targeted advertisements. That’s why many browsers now block third-party cookies, from Firefox to Vivaldi, and Google has been trying to build a replacement that addresses some privacy concerns. The company’s first attempt didn’t work out well, so Google is trying again with Topics API.

Similar to the earlier FLoC design, it uses your browser to locally generate groups that advertisers can target, but now it’s based on specific topics instead of grouping people that share an interest in multiple topics together. Even though the new technology might be an improvement over FloC, it likely won’t be much more popular.

It does cost real money to host any online service, so we either get it "free" with adverts that ideally do not track us, otherwise some donates to cover the service, or we pay subscriptions. Once a service scales up to the size of Google services, donations usually don't cover it. But ultimately, both FLoC and Topics API are probably better than the cookies we have right now. Ban advertising, and large chunks of popular services will just disappear off the Internet.

See https://www.xda-developers.com/google-topics-api/

#technology #cookies #tracking #google

La CNIL prononce une amende de 210 millions d’euros contre Google et Facebook

Amandine Jonniaux · news.movim.eu / JournalDuGeek · Friday, 7 January, 2022 - 08:15

Logo Facebook

Accusés par la CNIL de ne pas respecter la loi en matière de cookies, Google et Facebook vont devoir s’acquitter d’une lourde amende, et rapidement revoir leur copie.

La CNIL prononce une amende de 210 millions d’euros contre Google et Facebook

France fines Google and Facebook €210M for making cookies hard to reject

Jon Brodkin · news.movim.eu / ArsTechnica · Thursday, 6 January, 2022 - 18:29 · 1 minute

Enlarge (credit: Getty Images | Sean Gladwell)

French regulators today ordered Google and Facebook to make rejecting cookies as simple as accepting them and fined the companies a total of €210 million for failing to comply with France's Data Protection Act.

The CNIL (Commission Nationale de l'Informatique et des Libertés) said that "facebook.com, google.fr and youtube.com offer a button allowing the user to immediately accept cookies" but "do not provide an equivalent solution (button or other) enabling the Internet user to easily refuse the deposit of these cookies. Several clicks are required to refuse all cookies, against a single one to accept them."

The process making it harder to reject cookies than to accept them "affects the freedom of consent of Internet users and constitutes an infringement of Article 82 of the French Data Protection Act," the CNIL said. The agency announced fines of €150 million for Google and €60 million for Facebook and said it "ordered the companies to provide Internet users located in France with a means of refusing cookies as simple as the existing means of accepting them, in order to guarantee their freedom of consent, within three months. If they fail to do so, the companies will have to pay a penalty of 100,000 euros per day of delay."

Read 5 remaining paragraphs | Comments

index?i=cS2cfVHr448:cQ06Paxjd-U:V_sGLiPBpWU

index?i=cS2cfVHr448:cQ06Paxjd-U:F7zBnMyn0Lo

Today’s Firefox 91 release adds new site-wide cookie-clearing action

Jim Salter · news.movim.eu / ArsTechnica · Tuesday, 10 August, 2021 - 13:00 · 1 minute

Enlarge / This menacing firefox seems to be on the prowl for unwanted third-party cookies. (credit: Hung Chung Chih via Getty Images )

Mozilla's Firefox 91, released this morning, includes a new privacy management feature called Enhanced Cookie Clearing. The new feature allows users to manage all cookies and locally stored data generated by a particular website—regardless of whether they're cookies tagged to that site's domain or cookies placed from that site but belonging to a third-party domain, eg Facebook or Google.

Building on Total Cookie Protection

Mozilla isn't being delicate about which tech giant is first in its crosshairs. (credit: Mozilla)

The new feature builds and depends upon Total Cookie Protection , introduced in February with Firefox 86. Total Cookie Protection partitions cookies by the site that placed them, rather than the domain that owns them—which means that if a hypothetical third party we'll call "Forkbook" places tracking (or authentication) cookies on both momscookies.com and grandmascookies.com , it can't reliably tie the two together.

Without cookie partitioning, a single Forkbook cookie would contain the site data for both momscookies.com and grandmascookies.com . With cookie partitioning, Forkbook must set two separate cookies—one for each site—and can't necessarily relate one to the other.

Read 8 remaining paragraphs | Comments

index?i=_X1jstQf4Hg:U2WEPdedtzs:V_sGLiPBpWU

index?i=_X1jstQf4Hg:U2WEPdedtzs:F7zBnMyn0Lo

Google remet l’abandon des cookies à plus tard

Remi Lou · news.movim.eu / JournalDuGeek · Friday, 25 June, 2021 - 17:30

Google remet l’abandon des cookies à plus tard

Tired of accepting/rejecting cookies? ADPC wants to automate the process

Jim Salter · news.movim.eu / ArsTechnica · Wednesday, 16 June, 2021 - 23:55 · 1 minute

Cookieyes.com—a site devoted to providing GDPR/CCPA consent solutions—unsurprisingly has an excellent, minimally-invasive cookie banner. [credit: Jim Salter ]

The European Union's General Data Protection Regulation ( GDPR ), passed in 2018, requires websites to ask visitors for consent prior to placing cookies. As any Internet user is now aware, this means an extra step required when visiting nearly any website for the first time—or potentially every time, if you choose not to accept cookies. A new proposed HTTP standard from None of Your Business and the Sustainable Computing Lab would allow the user to set their privacy preferences once , inside the browser itself, and have the browser communicate those preferences invisibly with any website the user visits.

Advanced Data Protection Control

The proposed standard enables two methods of automated preference delivery—one which communicates directly with the web server hosting a site being visited, and another which communicates with the website itself.

When ADPC communicates directly with the web server, it does so via HTTP headers—a Link header pointing to a JSON file on the server, and the ADPC header emitted by the user's browser. When communicating with the website itself, the mechanism is via JavaScript— configuration is passed as an object to the DOM interface, e.g., navigator.dataProtectionControl.request(...) .

Read 12 remaining paragraphs | Comments

index?i=6Tghi8tqroQ:aDCgjGegL44:V_sGLiPBpWU

index?i=6Tghi8tqroQ:aDCgjGegL44:F7zBnMyn0Lo

Ca

CookiesWhat would make your happiness immeasurable and save your...

comics.movim.eu / CatsCafe · Wednesday, 14 April, 2021 - 14:01

Cookies

What would make your happiness immeasurable and save your day?