Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Chrome Google Privacy The Internet IT

Google Chrome To Boost User Privacy by Improving Cookies Handling Procedure (bleepingcomputer.com) 37

Catalin Cimpanu, writing for BleepingComputer: Google engineers plan to improve user privacy and security by putting a short lifespan on cookies delivered via HTTP connections. Google hopes that the move will force website developers and advertisers to send cookies via HTTPS, which "provides significant confidentiality protections against [pervasive monitoring] attacks."

Sending cookies via plaintext HTTP is considered both a user privacy and security risk, as these cookies could be intercepted and even modified by an attacker. Banning the sending of cookies via HTTP is not yet an option, so Chrome engineers hope that by limiting a cookie's lifespan, they would prevent huge troves of user data from gathering inside cookies, or advertisers using the same cookie to track users across different sites.

This discussion has been archived. No new comments can be posted.

Google Chrome To Boost User Privacy by Improving Cookies Handling Procedure

Comments Filter:
  • by Anonymous Coward on Friday April 13, 2018 @09:54AM (#56431133)

    You're still using a browser published by an ad company.

    • mod parent up!
    • by AHuxley ( 892839 )
      The ads are now direct and more encrypted :)
    • Actually the browser's author or what that author does is both inaccurate (Google is not just about advertising) and irrelevant. If Google Chrome were published as free software—software that respected a user's freedom to run, inspect, modify, and share published software—users could inspect the source code, change what they didn't like, run the variant they prefer, and share their improved version. Users don't have these freedoms with Google Chrome, Chrome is proprietary (nonfree, user-subjugat

  • by Anonymous Coward on Friday April 13, 2018 @09:55AM (#56431139)
    Let us manage cookies without making us have extensions and let us choose which sites are allowed to have cookies. All web browsers have been crippling their cookie management recently.
  • by Moldiver ( 1343577 ) on Friday April 13, 2018 @09:57AM (#56431163)

    Easy way to boost privacy - Stop using Chrome and google services...

    • and for starters, replace DNS servers 8.8.8.8 and 8.8.4.4 with 1.1.1.1 / 1.0.0.1 ...
    • Easy way to boost privacy - Stop using Chrome and google services...

      Depends on what you mean by privacy. There are people I trust with my data. There are many more that I don't. Just because I use Chrome and Google Services doesn't mean I don't want a secure method of communicating with people, them specifically.

  • Google has been pushing https a lot already, for a few years, and cookies exchanged over an https site are secure. Websites using http to send/set/read session (...) cookies deserve to be hacked.
    • Websites using http to send/set/read session (...) cookies deserve to be hacked.

      Does this include of your home router, printer, or NAS box? The login page of home network devices like these probably uses cleartext HTTP because several usability problems with running a private HTTPS server still have not been solved for less-technical users.

      In mainstream web browsers, the warning for a cleartext HTTP connection is still not as scary as the warning for an HTTPS certificate from an unknown issuer. And when displaying this warning, mainstream web browsers make no distinction among the same

  • https://duckduckgo.com/?q=brow... [duckduckgo.com]

    When chrome is able to evade browser fingerprinting, we'll talk.

    Is there even a browser out there that does this?

    • Is there any company that actually uses browser fingerprinting? I haven't seen it used anywhere (but obv that doesn't mean it's unused). Other methods are still too practical, and easier to work with.

  • Ohhhhh, google means they are the only one to store, sell and analyse the data.

    "privacy" -Gotcha!
  • Delete your cookies every night. Clear everything so you start fresh in the morning.

    Make web sites and advertisers work to figure out who you are.

If you steal from one author it's plagiarism; if you steal from many it's research. -- Wilson Mizner

Working...