Author Topic: Prevent cross-site tracking  (Read 650 times)

citoyen

  • Occasionally rides a bike
Prevent cross-site tracking
« on: 06 April, 2021, 06:01:53 pm »
I had a problem using the BT Sport player - got an error message saying I needed to allow cookies, even though I had already allowed them. The fix was to de-select the 'Prevent cross-site tracking' option in Safari preferences.

Annoyingly, I can't see any way of doing this per site, so de-selecting this in preferences means cross-site tracking will be enabled universally.

Tbh, I'm not 100% sure what cross-site tracking is - is it bad to allow it?

The player app seems to work fine in Chrome so I might just use that instead.
"The future's all yours, you lousy bicycles."

ian

  • not a woman, not an american, not a vampire
Re: Prevent cross-site tracking
« Reply #1 on: 06 April, 2021, 07:21:47 pm »
Depends if you want to be tracked or not – it means one site drops a cookie but another site can read it. Basically, you're browsing away and one of those marvellous adverts jiggles away at the side and drops a cookie. You go to that site or another, and it can read that cookie, and figure out where you saw the advert, that kind of thing. It's not world-ending but in theory lets entities track your progress around the net.

There's probably a very complicated explanation, but that's basically it, it stops sites reading cookies from elsewhere.

This does occasionally break things when there are different domains, I had to do this to get Teams to work in a browser.
Support the Great Surrey Bear Census 2020 (postponed due to COVID)

citoyen

  • Occasionally rides a bike
Re: Prevent cross-site tracking
« Reply #2 on: 06 April, 2021, 07:56:21 pm »
That makes sense, thanks. And answers the bit I wasn't sure about - ie whether it meant site B could track my activity on site A.

Also explains why it would cause the BT site to break.
"The future's all yours, you lousy bicycles."

Re: Prevent cross-site tracking
« Reply #3 on: 06 April, 2021, 11:48:13 pm »
Strictly, one site can't read another's cookies anyway - that's fundamental to the design of cookies. What happens with cross-site tracking is a third site dropping cookies on people who visit either of site A or site B, and therefore using your behaviour on A to determine what ads to show you on B (for example).

As ever, the cookies in themselves will be pretty harmless. It's what can be done with the cookies that you may or may not be happy about.

There should be a cookie/privacy policy telling you what's happening. Though it may or may not be comprehensible.

Re: Prevent cross-site tracking
« Reply #4 on: 07 April, 2021, 09:03:32 am »
If you are worried about tracking via third party cookies, one option might be using EFF's Privacy Badger.
Not supported on Safari, but it will run on Chrome, Firefox etc..

https://privacybadger.org/

You can allow certain cookies on given sites or even disable it for specific sites.

A lot of organisations are switching to first party cookies and delegated cookies anyway to circumvent the third party cookie protections. For example, if you visit example.com, they will delegate tracking.example.com to a third party tracking company and cookies for tracking.example.com will be dropped on your device and treated like first party cookies, even though technically they come from a third party.
A Few Apples Short of a Strudel

citoyen

  • Occasionally rides a bike
Re: Prevent cross-site tracking
« Reply #5 on: 07 April, 2021, 09:42:16 am »
If you are worried about tracking via third party cookies...

Tbh, I don't know if I am worried or not. Should I be?

I guess it comes down to the nature of the sites I'm visiting and what they're likely to do with my data. I'm resigned to living with 'targeted' ads in my social media feeds.
"The future's all yours, you lousy bicycles."

ian

  • not a woman, not an american, not a vampire
Re: Prevent cross-site tracking
« Reply #6 on: 07 April, 2021, 09:50:41 am »
Short answer: not really.

You can turn the feature on and off in Safari.
Support the Great Surrey Bear Census 2020 (postponed due to COVID)

Re: Prevent cross-site tracking
« Reply #7 on: 07 April, 2021, 09:59:51 am »
You can always view the site in a private / incognito tab.  Then when you’ve finished, close the tab and all the cookies will be deleted.

fuaran

  • rothair gasta
Re: Prevent cross-site tracking
« Reply #8 on: 07 April, 2021, 10:07:56 am »
Firefox can let you allow cross site tracking for specific sites.
Can also use container tabs, which will stop it accessing any cookies from outwith that container.

Re: Prevent cross-site tracking
« Reply #9 on: 07 April, 2021, 10:28:16 am »
Firefox can let you allow cross site tracking for specific sites.
Can also use container tabs, which will stop it accessing any cookies from outwith that container.

FireFox 85 (current version is 87) introduced state partitioning:

Quote
In Firefox 85, we’re introducing a fundamental change in the browser’s network architecture to make all of our users safer: we now partition network connections and caches by the website being visited. Trackers can abuse caches to create supercookies and can use connection identifiers to track users. But by isolating caches and network connections to the website they were created on, we make them useless for cross-site tracking

Safari's "Intelligent Tracking Prevention" looks like it blocks third party cookies by default anyway:

[ur]https://webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/[/url]
A Few Apples Short of a Strudel