Site Privacy issues

From: Gordon JC Pearce <>
Date: Fri Sep 17 02:58:45 2004

John Lawson wrote:

> Gordon, either you're very used to reasoning with young teenagers, or
> perhaps you are quite young yourself - no matter. There is a term:
> reductio ad absurdam, and I shall not dignify your post any further than
> to refer you to that term, it's definition, meaning, and how it might
> apply to the above..

"absurdum", if my grasp of Latin isn't quite as rusty as I fear it may be.

I don't know, it just seems that it's people who either don't understand
how web browsers and non-static sites work, or relative newbies to the
Internet, seem to shout and rave about cookies "OMG, that site sent me a
*cookie*! I'm being hacked! They're going to steal my credit card
number and my pr0n stash!"

Pretty much any site that does anything "cleverer" than serve up static
pages is going to need some means by which the server can keep state -
HTTP doesn't really have a mechanism for this, since the connection is
closed once the page has been sent. Now, if you want the server to have
some idea of where a given client has come from *within your own site*,
you can either fake it with hidden form fields (not always possible, but
worth a try), a big long identifier in the GET request (ugly, and prone
to error), or use a cookie. It's not a fantastic way of doing it, but
it's the "least worst" in the absence of properly stateful connections.

Of course, if you don't want to use them, that's just fine. You may
well miss out on a few sites, but that's entirely your choice. It would
be a shame if you did so, without really understanding *why* other than
some vague idea that "cookies are bad". You may also wish to try a
browser like Firefox, which lets you allow or deny cookies on a
site-by-site basis. I tend to use it to block cookies from the major
banner-ad providers, except on sites where I really think the adverts
are justified - some content *does* need to be paid for, and if the
sites want to use banner ads and they are not too obnoxious, sometime's
I'll even click on them.

Heigh-ho. I'm sure I won't convince you out of your resolutely
cookie-free mode of thought. At least I haven't descended to mis-spelt
Latin and patronising remarks about teenagers. Just to give you some
frame of reference, I am probably around the young-to-median point of
the age range of this list (actually, what *is* the age range? It would
be interesting to know) - old enough to remember the days before
sub-?100 home computers, and *just* old enough to fondly remember
Honeywell CP-6 at university. Not that I was supposed to be on there
until 3rd year, being an EE student. They only really let the Comp Sci
bods play with it. Just depends which sysadmin you take to the pub...

Received on Fri Sep 17 2004 - 02:58:45 BST

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:37:29 BST