By accepting everything, you are also sending most of the time extra data to third parties. What you are doing is ill-advised if you care about privacy.
Not really. If you’re using an adblocker, it’s the best option. It’s the path of least resistance, and tracking is blocked regardless if it’s tracked it not. No server will see if you pressed accept or decline. That’s why this addon exists.
How does that work though? The cookies are presumably based on things like your IP and browser metrics, which a site gets from your browser. If your browser throws away the cookies then on your next visit you aren’t volunteering that you’ve been there before. But the site can still likely figure it out, but without the cookies it isn’t as certain. With well-constructed cookies they can be almost 100% sure you’re the same visitor.
Cookie consent is actually supposed to be about all data tracking.
There are quite a few analytics that do fingerprinting “because it’s not a cookie, it’s not covered by Cookie Consent”. But it is still covered.
Some of them respect the fact that declining cookies is about declining tracking.
So, if you consent to all cookies, you are also consenting to any fingerprinting that doesn’t rely on cookies. So deleting cookies wouldn’t remove that fingerprinting data.
I Still don’t care about cookies? From its description:
In most cases, the add-on just blocks or hides cookie related pop-ups. When it’s needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what’s easier to do).
So, yeah, doesn’t accept everything, but might accept some.
However, since many webpages have illegally made it so refusing consent is more difficult than giving ‘consent’, that extension is significantly more complex and in my experience doesn’t work as reliably, unfortunately.
Well, you can install both of these add-ons via this workaround: blog.mozilla.org/…/expanded-extension-support-in-…
(I have used both. Both work. Although, again, I’d rather recommend I Still Don’t Care About Cookies + Cookie Auto-Delete.)
However, Mozilla plans to make much more extensions available for Android soon, so you might see these regularly available before the end of the year. This is what we know for now: blog.mozilla.org/…/prepare-your-firefox-desktop-e…
Yeah, sometimes websites have so many hidden checkboxes, that consent-o-matic has a rough time going through all of them. Takes like 10-20 seconds to disable them all at computerized speed.
Because they rest safe in the knowledge that you rarely if ever get taken to court for it. There are millions of web pages, it needs people to take action to do something about it, and just clicking “Yes all of them” to access the content you were just trying to get to is a far better solution in most situations than hiring a lawyer and investing a few years of legal proceedings, nevermind the money.
There is an organization called nyob (I think) pushing back against that and going through the courts to have more sites penalized for their violations. The process is slow, but I see more and more pages adopting the required “reject all” so there seems to be some pressure on them.
IIRC the EU also ruled that burying the rejection options under additional links counts as a violation. Hence why Google now has a Reject button next to the accept button. Most sites still do that.
Do you know if there is a EU-wide place to report such behavior?
The biggest privately owned TV channel in my country not only does that, but actually just redirects you to a pdf file if you want to “manage cookies”. And it’s not like I can submit a complaint on a national level, as the ruling party’s website uses google analytics without a cookie notice at all.
I think you report to your nation’s Data Protection Centre, each member has their own that takes the reports. If I was still in the EU I would have put more time into finding out how reports work.
Yeah this is very common, I don’t know why other people on here are gaslighting like it doesn’t happen. It’s this way for major sites like YouTube/Twitter/Twitch/etc too. Hell even embedding a YouTube video on a site is violating GDPR. It’s a good idea, but needs a version 2.0 patch to fix some exploits.
I mean almost all websites fall foul of that. You often have to bury deep and end up with a palette of complicated choices and acceptances of individual tracking companies. It’s a bloody mess. The EU should just have mandated “do not track” adherence. There’s already a standard; just enforce it.
I understood the post as those webpages only refusing to load, if the user declines Cookies. So, they do still want to benefit off of those EU users, who click “Accept”.
even worse offenders are the ones with tick boxes for “Legitimate Interest”, since legitimate interest is another grounds for processing (just ads freely given consent is one), the fact you got a “tick” box for it makes it NOT legitimate interest within the confines of the GDPR.
it also doesn’t matter what technology you use whether its cookies / urls / images / local storage / spy satellites. its solely about how you use the data…
There’s a medical website that appears in top searches (forget the name) that does it too but yeah, mostly seems to be news websites but not the big ones. In most cases Unlock Origin or the like can hide the panel they throw up to choose if you really need the info or archive or 12ft ladder can get you the info.
The sad part is feeling so happy yet having no one to really share it with, because most likely you were working alone to solve the issue and when you explain the whole thing it sounds so silly… like trying to explain how funny a joke you made was. “I guess you had to be there”.
😅 Mine ended up being only like 50 lines or so total. Complex, pervasive, data coupling with security concerns and my own ignorance were the primary drivers for the time taken on this one.
We have been doing some new pair work processes to expand group capabilities (and to train up some juniors) so I am happy to report that I got to share this with two whole people.
That’s part of why it took so long. Every day I thought I was done a new person would be added to the review and they would identify a security and/or use case edge case.
Why? IMO that’s perfectly valid. The various type coercions are sometimes crazy, but IMO the rule that non-empty string is coerced to true and empty string to false is very simple to follow. The snippet is not even a gotcha, I don’t see anything worth failing over. Putting “true” or “false” in a string doesn’t change that.
I am dumb. The more things I need to think about when reading code that is not the logic of the code, the worse it is. Any time I have to spend thinking about the peculiarities of the way the language handles something is time wasted.
I’ll give a very simple example, think like you’re trying to find a bug. Assume we’re in a dynamic language that allows implicit conversion like this. We can write our code very “cleanly” as follows:
if(!someVar) doSomething();
-> ok, now we gotta check where someVar’s value is last set to know what type of data this is. Then I need to remember or look up how those specific types are coerced into a bool.
When trying the same code in a statically typed language that doesn’t do implicit coercion that code will fail to run/compile so probably you’ll have something like this:
if(someVar.length() == 0) doSomething();
-> this time I can just look at the type of someVar to see it’s a string and it’s clear what the condition actually means.
The second option is both easier to read and less bug prone even without the type system. It takes maybe 3 seconds longer to type, but if your productivity in coding is that limited by typing speed then I envy you
Dynamically typed doesn’t imply it’s monotyped. And monotyped languages can work just fine, you just have to not hide different operations under the same symbols just differing by type like JS does.
The entire problem with JS is that it both is monotyped and it isn’t.
Isn’t the whole point of dynamic languages that they’re monotyped? They’re equivalent to a type system with only one type, any. Really, most dynamic languages are equivalent to having a single tagged union of all the different sorts of values in the language.
If you add additional types, you get into gradual type systems.
A language has dynamic types if the type-resolution is done at runtime. The other kind is static types, where it’s done at compile-time.
A language is monotyped if every value is compatible with every operation, so there’s actually no type resolution.
A language has explicit types if you declare your types, implicit ones if you can’t declare them, type derivation if declarations are optional but they exist and are static you declaring or not, or gradual types if declarations are optional but they exist and are dynamic you declaring them or not.
All of those things are different.
Also, some people will insist “types” can only be static. Go ask those people whatever is the name of the things Python have, because either they just invented some different words, or they are only trying to confuse you.
In Types and Programming Languages, Ben Pierce says “Terms like ‘dynamically typed’ are arguably misnomers and should probably be replaced by ‘dynamically checked’, but the usage is standard”. Generally, you’ll see ‘tag’ used by type theorists to distinguish what dynamic languages are doing from what a static language considers a type.
Type systems have existed as a field in math for over a century and predate programming languages by decades. They do a slightly different sort of thing vs dynamic checking, and many type system features like generics or algebraic data types make sense in a static context but not in a dynamic one.
many type system features like generics or algebraic data types make sense in a static context but not in a dynamic one
Hum… Not so much. You can do polymorphism with dynamic types perfectly well, with mechanisms that are exactly equivalent to the ones used on static languages (python people just love that). You can also have tagged unions with a completely equivalent mechanism from algebraic data types (that everybody ends-up doing in json sooner or later). Also you can do out of order verifications in a logical fashion, rewrite code at run time, or anything else even. It’s compile-time that has limitations on what it can do, runtime has none.
I am not at all against inventing new names. But I am really against naming concepts that are not independent from each other. And insisting on those is just signaling-oriented pedantry. So you can very well insist that the dynamic thing is not called “type”, but you can’t really do it in a way that implies the only thing you can get out of them is a type mismatch error.
What kind of runtime tag corresponds to generics, exactly?
Python handles generics essentially the same way that Java 1.0 handles generics: it just kinda punts on it. In Java 1.0, list is a heterogenous collection of Objects. Object, in Java 1.0, allows you to write polymorphic code. But it’s not really the same sort of thing; that’s why they added generics.
It’s compile-time that has limitations on what it can do, runtime has none.
Ish.
There’s typing a la Curry, where semantics don’t depend on static types and typing a la Church, where semantics can depend on static types.
Haskell’s typeclasses, Scala’s implicits and Rust’s traits are a great example of something that inherently requires Church style typing.
One of the nice things typeclasses let you do is to write functions that are polymorphic on the return type, and the language will automagically pick the right one based on type inference. For example, in Haskell, the result of the expression fromInteger 1 depends on type ascribed to it. Use it somewhere that expects a double? It’ll generate a double. Use it somewhere you expect a complex number? You’ll get a complex number. Use it somewhere you’re using an automatic differentiation library? You’ll get whatever type that AD library defined.
That’s fundamentally not something you can do in python. You have to go with the manual implementation passing approach, which is incredibly painful so people do it very sparingly.
More to the point, though, limitations have both costs and befits. There’s a reason python doesn’t have goto and that strings are immutable, even though those are limitations. The question is always if the costs outweigh the benefits or not.
Also, a huge proportion of the list is just not understanding IEEE floats behaviour and blaming the language for it. Exactly like this post is doing. All those weird number things js does is because it only uses floats for everything and every language that uses floats will behave the exact same way.
programmer_humor
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.