Re: Cookies and "smart fine print"

• To: www-security@ns2.rutgers.edu
• Subject: Re: Cookies and "smart fine print"
• From: "David W. Morris" <dwm@shell.portal.com>
• Date: Tue, 9 Jul 1996 23:21:08 -0700 (PDT)
• In-Reply-To: <199607100242.VAA08993@is.rice.edu>

On Tue, 9 Jul 1996, Prentiss Riddle wrote:

> And the moral of the story is: making complex features invisible to the
> user is likely to come back to bite you.  Users want transparency in
> the sense of comprehensibility and simplicity, not transparency in the
> sense of covert browser behavior.

First, I doubt many people give a damn. Cookies for tracking purposes
have any number of alternatives for those with nasty intent.

How many people who call 800#s realize that the party paying for the call
gets the caller's phone number and if they did how many would refuse to
make the call? Most of us recognize that there is a cost associated
with providing services whether it be on the WWW or an 800# one can call
for pre-sales product information. Most of us live our lives in 
a fashion that we aren't ashamed of what we do. Its really quite 
simple, if you don't want people to know youve been somewhere, it is
best not to go. True in life and true on-line.

If you insist, wear protection ... in this case it is trivial to
write an HTTP proxy in perl which can filter cookies and and a few
other things as well. Of course if there is a cop in the parking lot
snapping pictures you may still have a problem. Watch out for dem log
files, etc.

This thread has mostly nothing to do with security, how about taking
the wasted bandwidth elsewhere?

• Re: Cookies and "smart fine print"
• From: Benjamin Tomhave <tomhavbe@martin.luther.edu>

• Cookies and "smart fine print"
• From: Prentiss Riddle <riddle@is.rice.edu>

• Previous: Re: Smart Fine Print
• Next: Undeliverable message
• Index(es):
  • Index
  • Thread