|
printable version
- js reader version
- view hidden posts
- tags and related articles
View article without comments
by a regular, but under different name now
Friday, Dec. 05, 2003 at 6:26 AM
Cookies, and other flaws
I've got to say I was really disappointed when I came back here after a long absence and saw that you are now sticking cookies on to the computers of web visitors. Don't get me wrong. I know why you're doing it and I think you have good intentions with this new feature ability to add authors to an "ignore list." Please take what I'm about to say as constructive criticism. I'm not here to bitch. But there are some serious issues with what you've done.
At first glance, that's a really cool feature addition. But the bottom-line is that the feature can never work without flaws. Prime Example: There has been a long history of people posting under the screen names used by others, cases specifically where the "bogus" author is attempting to discredit someone. Now, with that feature, it's relatively easy form some goof ball to come here, post a message that is totally vile (e.g., like those gross messages that someone used to post about sheepdog liking his horse and... well, I need not say more). Sure, the messages would always be deleted, but not for a few hours in many cases. And with your new system, that is all that would be needed for some people to decide to zap some specific screen name, and agent provocateurs have more free time than IMC editors. This hypothetical scenario is going to happen.
But the real beef is privacy. Earlier this year, the FBI asked San Francisco's IMC staff to provide server logs of visitors. This was reported in the San Francisco Chronicle, if I remember correctly, and the staff people simply told the FBI that there were no logs to provide because no logs were kept. Now, here you are, sending cookies on to the machines of visitors to power-up the each person's "ignore list," which by definition means that your server keeps a log of that cookie and makes the programmed changes to message thread display on an ongoing basis.
NOT COOL
Report this post as:
by johnk
Friday, Dec. 05, 2003 at 7:08 AM
I wrote the ignore features so I can explain it. Cookie technology is widely misunderstood.
The cookies are used, but are not recorded in a database.
When you go to most sites that use cookies, the cookie you get has an "account number" in it that corresponds to a database record of you. The number is used to key back into a larger body of data. This "account number" is stored, on your browser, on your disk, and it might look like this "12345".
(The cookie is transmitted, like an ID tag, back to the server on every web request you make. That's how websites "remember" you when you go to a page.)
You can actually look at your cookies in most browsers. There's a menu item somewhere that lets you view them.
The LA IMC cookies, at this time, don't store any kind of account number. If you look at the cookies, you'll see that one is named ignore, and it's contents are a list of the names of all the ignored users.
The cookie *is* the database. Instead of keying back into a database (that contains your ignore lists), the cookie contains all the information necessary to maintain your ignore lists. The upshot of this is that your ignore list cannot be longer than 1000 character or so, which is the limit of how large a cookie can be.
The other upshot of this is that we can't tell who is being ignored the most. That would be useful information, but we don't have it.
Report this post as:
by johnk
Friday, Dec. 05, 2003 at 7:25 AM
The assertion that cookies implies logging is incorrect.
Cookies and logs are unrelated.
Formally defined, a cookie is a named string of data that a server sends to a browser. The browser, on subsequent requests to that server, will send the string back to the server.
It's like a temporary pass that's given to you when you enter a building.
In the case of this ignore feature, the temporary pass is like a "buy 5 coffees, get the 6th free" card from a coffee bar. There's no identifying information on the card, but the card contains some data (the number of drinks purchased) and is modified after transactions with the coffee bar.
A typical cookie on a site like Yahoo looks like this:
yahooid="1232423212323@mail"
The cookie used by the ignore feature looks like this:
ignore="Bush Admirier:nonanarchist:Max"
When you decide to ignore johnk, the cookie looks like this after you click on the "ignore" link:
ignore="Bush Admirier:nonanarchist:Max:johnk"
----------
All that said - we are planning to implement a user-login feature. This will not require cookies, but, cookies will make it a lot easier to use the site.
Report this post as:
by Joe
Friday, Dec. 05, 2003 at 9:59 AM
The FBI can determine who posts on any IMC within the US at will. Falsely believing that you have privacy is the first step towards hanging yourself. There is no privacy.
There will only be privacy when the entire IMC approach is rejected and replaced with a better option. For example, an IMC network independent of the Internet but accessible from the Internet, where all communications are encrypted.
I support LA IMC's new policy. It's the best they can do for the moment.
Report this post as:
by Alan
Friday, Dec. 05, 2003 at 11:36 AM
Absolutely correct.
Trash you bill of right
There is no privacy.
POLICE STATE is NOT Orwellian future.
IS HERE!!!
"The high office of the President has been used to foment a plot to destroy the American's freedom and before I leave office, I must inform the citizen of this plight."
- President John Fitzgerald Kennedy, in a speech made to Columbia University on Nov. 12, 1963, ten days before his assassination.
Report this post as:
by Sheepdog
Friday, Dec. 05, 2003 at 11:51 AM
The idea of hiding works well with their intimidation strategy.
There Should be the accepted idea that this is our property paid for and given title to and we can decide to use it as we damn well please. ' Secure in your person' from unreasonable search.
They can only watch a few of us limited by resources such as man hour requirements for filtering 'raw' data.
As I see it the only way to defeat the system is to saturate it in data just to let them know they can kiss our ass. We out number them millions to one. All we need is the most feared weapon of all.
common realization of the real enemy.
Report this post as:
by Adult Supervisor
Friday, Dec. 05, 2003 at 12:34 PM
i'm amazed to see the lengths to which LA IMC will go to insulate their constituents from having to hear the truth.
That's the only thing I ever read here in postings from Bush Admirer, Nonanarchist, Barney, Fresca, Max, etc. They are LA IMC's very own truth tellers.
Cutting off the comments link, banning B.A., cookies, etc. --- Amazing, just amazing truth avoidance.
Report this post as:
by Meyer London
Friday, Dec. 05, 2003 at 6:16 PM
The people who put that crowd on the ignore list probably think of it more as horse manure avoidance. People avoid it on the street so it is not too surprising when they want to avoid it on the internet as well.
Report this post as:
|