this post was submitted on 23 Sep 2023
515 points (95.6% liked)

Memes

45745 readers
1665 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
all 36 comments
sorted by: hot top controversial new old
[–] 7heo@lemmy.ml 57 points 1 year ago* (last edited 1 year ago) (6 children)
[–] hai@lemmy.ml 14 points 1 year ago (1 children)

Fair point, I made the meme to be silly, and, yes, this is one of the many reasons why tokens in general should expire after some point in time.

Also the meme isn’t wrong, memes don’t need logic, they’re supposed to give people a giggle.

[–] 7heo@lemmy.ml 7 points 1 year ago* (last edited 1 year ago) (1 children)
[–] hai@lemmy.ml 0 points 1 year ago (1 children)

To be Frank, who I am not (I'm Hai), I can't tell if you're a troll or not. Although, if you're not, my meme is not "wrong" or spreading misinformation it contains a logical fallacy, as many jokes do. I can list jokes that contain logical fallacies upon request.

[–] 7heo@lemmy.ml 5 points 1 year ago* (last edited 1 year ago) (1 children)
[–] hai@lemmy.ml 2 points 1 year ago

This was the funniest thing I read all day, thank you. Sorry for misunderstanding your tone.

[–] NightAuthor@lemmy.world 9 points 1 year ago (1 children)

Look at this guy over here, nerding out about the WiFi.

Jk, glad to find someone in the comments correcting the misinformation in the meme. OP is probably a hacker who likes to do session hijacking.

[–] hai@lemmy.ml 3 points 1 year ago

Not a hacker, just a silly goofball.

[–] redcalcium@lemmy.institute 5 points 1 year ago (1 children)

JWT sounds great on paper until you have to deal with logout and revocations. Might as well use standard session cookies.

[–] 7heo@lemmy.ml 4 points 1 year ago* (last edited 1 year ago)
[–] joucker29@lemmy.ml 3 points 1 year ago

Fr my thoughts exactly

[–] tdawg@lemmy.world 2 points 1 year ago (1 children)

And what happens next time they load the site?

[–] 7heo@lemmy.ml 3 points 1 year ago* (last edited 1 year ago) (2 children)
[–] Catweazle@social.vivaldi.net 1 points 1 year ago (1 children)

@7heo @tdawg, i only keep data from sites which i visit every day, no other, using Site Bleacher, it remove automatically cookies, local storages, IndexedDBs, service workers, cache storages, filesystems and webSQLs from all not whitelisted sites. This keeps clean the browser and HD.

https://github.com/wooque/site-bleacher

Similar alternative

https://github.com/Cookie-AutoDelete/Cookie-AutoDelete

[–] 7heo@lemmy.ml 4 points 1 year ago* (last edited 1 year ago)
[–] SnipingNinja@slrpnk.net 1 points 1 year ago (1 children)

What about incognito sessions?

[–] 7heo@lemmy.ml 1 points 1 year ago* (last edited 1 year ago) (1 children)
[–] SnipingNinja@slrpnk.net 2 points 1 year ago

Yeah, that's what I was curious about, the security issues you mentioned as I wasn't clear in my understanding until now. Thanks.

[–] 4am@lemm.ee 1 points 1 year ago (1 children)

Yeah you really should do both. Some session cookies can just be used as tracking cookies later.

[–] 7heo@lemmy.ml 1 points 1 year ago* (last edited 1 year ago)
[–] mle86@feddit.de 33 points 1 year ago (1 children)

Automatically clear cookies on browser exit, only whitelist the couple of websites you use regularly.

Has the added benefit of making tracking cookies fairly (but not completely) useless

[–] strawberry@artemis.camp 5 points 1 year ago (1 children)

what if I already block all third party cookies? is there a point?

[–] archchan@lemmy.ml 5 points 1 year ago (1 children)

That's still good practice but first party cookies aren't exactly trustworthy either. IMO, best to whitelist what you trust and use, permablock what you don't, and auto-wipe the rest.

[–] strawberry@artemis.camp 2 points 1 year ago (1 children)

so what exactly are first party cookies?

[–] hai@lemmy.ml 2 points 1 year ago (1 children)

Cookies used by the site, third party would be cross origin.

(I think)

[–] strawberry@artemis.camp 3 points 1 year ago (1 children)

https://termly.io/resources/articles/first-party-cookies-vs-third-party-cookies/

here's what I found

tldr: first party coolies are used to enhance your experience, with staff like login info and ur shopping cart. third party tracks you. wither way, imma start clearing most cookies from now on

[–] 0xD@infosec.pub 2 points 1 year ago

To be precise, first-party and third-party just means whether the cookie set is for the domain you are currently on, or for another one. The latter do not have to be tracking cookies, but are often used as such. You can see the cookies that your browser is storing for a specific site by visiting it and looking at them in the developer tools (Storage or Application tab, depending on browser). Under the "domain" column you can see what domain it is for.

Furthermore, there you can look at the Local Storage and Session Storage tables which are also often used to store tracking data but are not prevented by cookie deletion.

[–] IzzyData@lemmy.ml 11 points 1 year ago* (last edited 1 year ago) (1 children)

Only ever using private windows and then alt F4ing to automatically delete all session data.

[–] SnipingNinja@slrpnk.net 2 points 1 year ago

This is what I do

[–] DJArbz@lemmy.notmy.cloud 5 points 1 year ago (1 children)

I have a script called cookie_monster.sh

[–] SomeBoyo@feddit.de 3 points 1 year ago

Can you post it here, or link to a git?

[–] Krafting@lemmy.world 3 points 1 year ago (1 children)

Doesn't work on every sites, weirdly enough

[–] ShustOne@lemmy.one 7 points 1 year ago

These days you'll need to clear localStorage, sessionStorage, and localDb to really do this. The rise in tokens means some sites only use those.

[–] SYNOPSIS@lemmyf.uk 0 points 1 year ago (1 children)

fuckin hate that drake meme

[–] Cabrio@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

shows up on a sunny day
"I fucken hate the rain!"