top | item 38867095

(no title)

joecasson | 2 years ago

You are correct - only third-party, cross domain cookies. WSJ and other writers simplify to "cookies" because it's a simpler headline and only a small percentage of people understand the difference (even tech workers!). It's terribly annoying that they do this because first party cookies are invaluable and will never go away until there is something just as easy to maintain state on on a website (e.g. remembering that you're logged in from page to page, session to session).

Source - I work in marketing tech.

discuss

jefftk|2 years ago

In addition to being narrower than cookies it's also broader: they're phasing out all shared client-side storage in a third-party context. Imagine if a.example and b.example both iframed in a page from c.example. It doesn't matter whether the c.example page uses cookies, localStorage, IndexedDB, or something else: it can't share arbitrary state to recognize that the user on a.example is the same user as the one on b.example.

It's common to use "cookies" to refer to any client side storage because at the time people first started talking about "cookies" the other forms didn't exist yet.

This would all be much clearer if we talked about "cross-site tracking".

flanked-evergl|2 years ago

> You are correct - only third-party, cross domain cookies. WSJ and other writers simplify to "cookies" because it's a simpler headline and only a small percentage of people understand the difference (even tech workers!).

The "third-party" qualifier of the word "cookie" here is essential to what is happening, not incidental. It's like someone discovered a drug that kills all cancer cells, and then WSJ reports you discovered a drug that kills all cells. Third-party cookies are "frowned upon", normal cookies are essential for the web to function.

This headline is just plain and simple wrong, it would not be acceptable to make false headlines about economics, politics, climate or anything else, so it's also not okay for them to use false headlines about tech.

The article should be removed from HN.

Dalewyn|2 years ago

>first party cookies are invaluable

I am coming to find I don't want cookies, including first-party, on the vast majority of websites. Specifically, I only want first-party cookies on websites I login to.

Otherwise, I can't remember the last time in recent memory when first-party cookies benefitted me in some worthwhile way. They only serve to track me or otherwise disturb my peace for the benefit of the webmaster.

So far I've been opening a lot of websites in Private Mode, but maybe it's just easier to blanket blacklist all cookies and then handpick the small number I want to whitelist.

jefftk|2 years ago

> Otherwise, I can't remember the last time in recent memory when first-party cookies benefitted me in some worthwhile way.

A very standard example is when you put something in a shopping cart the site needs some way to record this, which requires cookies or other client-side storage. And if it's a site you've never bought from before you wouldn't be logged in.

mikeryan|2 years ago

First party cookies are how you’re authenticated on a website.

They (or an equivalent mechanism) is the only way to save state and create the concept of a “session”.

godzillabrennus|2 years ago

Thanks to the EU, you need to enable Cookies to let a website remember you want to reject all Tracking/Cookies...

Some adblockers do an okay job of hiding those requests, but others do not.

It seems like modern web users need a browser that blocks trackers, an Authoritative DNS like Pi-Hole on the network that blocks trackers, an Authoritative DNS for Pi-Hole to query like NextDNS that blocks trackers, and, of course, a browser plug-in to augment the browsers tracker blocking ability like uBlock.

willsmith72|2 years ago

I guess depends on the definition of tech workers, I haven't worked with engineers who would think google was actually killing all cookies. Only true if you included design, content, sales etc