Uploaded byshermozle
PPTX, PDF940 views

Cookiepocalypse. Simon Rumble

This document discusses changes in Firefox and Safari that block third-party cookies by default. It notes that first-party cookies and JavaScript will still work for third-parties if they already have cookies set as first-party. However, this change makes it difficult for companies to reliably track audience overlap between separate domains. It also negatively impacts data brokers and small publishers who rely on data-enhanced ad revenue. Possible solutions discussed include HTML5 local storage and workarounds like browser fingerprinting.

Embed presentation

Download to read offline
FIRST-PARTY THIRD-PARTY  foo.com  doubleclick.net  bar.foo.com  webtrendslive.com  foo.bar.foo.com  foo.112.2o7.net
JavaScript HTTP header response   First-party   Third-party
 New Firefox default is to block third-party cookies  Safari has done this for a while  Detail:  Blocks setting cookies from third-party domains that have no existing cookies set as first-party  i.e., Facebook will still be able to track you
 Reliably(*) track the shared audience between separate domains foo.com bar.com ooo.com * Except Safari
 Google Analytics uses first-party cookies exclusively  Passes cookie ID between domains only when users click from one to the other  Can’t reliably measure audience overlap
 Web analytics vendors need to find a solution  Data brokers are screwed  Small publishers will lose data-enhanced ad revenue
 Moving to HTML5 localStorage late this week  Interesting side effect:  localStorage is isolated by scheme + hostname + port (HTML5 Origin)  Not really a problem though  See: http://htmlui.com/blog/2011-08-23-5- obscure-facts-about-html5-localstorage.html
If the domain already has cookies, it can set them third-party  Facebook will be fine  Google will be fine  Fairfax, News will problably be fine  Web analytics can probably find a workable solution
 Iframe hack: Google got caught using this  Browser fingerprinting  Bounce users through your domains? iJento do this  HTML5 localStorage
 From iPhone or Firefox Nightly:  http://arseh.at/cookie
 Vendors:  David Jordine @Adobe  Mark Allison @WebTrends  Sauli Happonen @Nielsen  Chaoming Li  NarbehYousefian

More Related Content

ODP
Digitalks #15 - Sicherheit im Netz
byMartin Leyrer
 
ODP
Anthony Slideshow
byshermozle
 
PDF
Book review: how to lie with statistics. Rod Jacka
byshermozle
 
PPTX
Web analytics & Online privacy
byPanagiotis Tzamtzis
 
PDF
Media Kitchen - The Cookieless Future
byThe Media Kitchen
 
PPTX
A Brave New World
bySensePost
 
PPTX
What are cookies and what is changing
byDCRB
 
PDF
Talk about html5 security
byHuang Toby
 
Digitalks #15 - Sicherheit im Netz
byMartin Leyrer
 
Anthony Slideshow
byshermozle
 
Book review: how to lie with statistics. Rod Jacka
byshermozle
 
Web analytics & Online privacy
byPanagiotis Tzamtzis
 
Media Kitchen - The Cookieless Future
byThe Media Kitchen
 
A Brave New World
bySensePost
 
What are cookies and what is changing
byDCRB
 
Talk about html5 security
byHuang Toby
 

Similar to Cookiepocalypse. Simon Rumble

PDF
Ferrante and Griffey "Federated Authentication_ Browser changes and what to e...
byNational Information Standards Organization (NISO)
 
PPSX
First and Third-Party Cookies
byWill Clayton
 
PPTX
Digital marketing without 3rd party cookies
byJakub Otrząsek
 
PDF
A Marketer's Ultimate Guide to Web Cookies
byAdRoll
 
PDF
Third-Party Cookies Under Scrutiny - What Marketers Should Know and Do - Core...
byCore Audience
 
PDF
How to Navigate the Era of Cookie-less Tracking.pdf
byTRACKIER
 
PPTX
19_JavaScript - Storage_Cookies_students.pptx
byVatsalJain39
 
PPTX
19_JavaScript - Storage_Cookies-tutorial .pptx
byssuser4a97d3
 
PPTX
Cookies and sessions
bySukrit Gupta
 
PDF
Third Party Cookies: Columbus DAW March 2024
byJason Packer
 
PDF
Cookie replay attack unit wise presentation
byNilu Desai
 
PDF
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
byPrasadraoBucche
 
PPT
eBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
byJon Egley
 
PDF
The dawn of the Post-Cookie Era: Thoughts on the Future of Web Analytics
byIbrahim Elawadi
 
PDF
Griffey and Withers "Seamless Access Update: What’s happening in the world of...
byNational Information Standards Organization (NISO)
 
PPTX
Notes on SF W3Conf
byEdy Dawson
 
PDF
Html5 hacking
byIftach Ian Amit
 
PDF
OWF14 - Big Data Track : Take back control of your web tracking Go further by...
byParis Open Source Summit
 
PPTX
Cookies: HTTP state management mechanism
byJivan Nepali
 
PDF
Acquia Webinar Deck - 9_13 .pdf
byAcquia
 
Ferrante and Griffey "Federated Authentication_ Browser changes and what to e...
byNational Information Standards Organization (NISO)
 
First and Third-Party Cookies
byWill Clayton
 
Digital marketing without 3rd party cookies
byJakub Otrząsek
 
A Marketer's Ultimate Guide to Web Cookies
byAdRoll
 
Third-Party Cookies Under Scrutiny - What Marketers Should Know and Do - Core...
byCore Audience
 
How to Navigate the Era of Cookie-less Tracking.pdf
byTRACKIER
 
19_JavaScript - Storage_Cookies_students.pptx
byVatsalJain39
 
19_JavaScript - Storage_Cookies-tutorial .pptx
byssuser4a97d3
 
Cookies and sessions
bySukrit Gupta
 
Third Party Cookies: Columbus DAW March 2024
byJason Packer
 
Cookie replay attack unit wise presentation
byNilu Desai
 
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
byPrasadraoBucche
 
eBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
byJon Egley
 
The dawn of the Post-Cookie Era: Thoughts on the Future of Web Analytics
byIbrahim Elawadi
 
Griffey and Withers "Seamless Access Update: What’s happening in the world of...
byNational Information Standards Organization (NISO)
 
Notes on SF W3Conf
byEdy Dawson
 
Html5 hacking
byIftach Ian Amit
 
OWF14 - Big Data Track : Take back control of your web tracking Go further by...
byParis Open Source Summit
 
Cookies: HTTP state management mechanism
byJivan Nepali
 
Acquia Webinar Deck - 9_13 .pdf
byAcquia
 

Cookiepocalypse. Simon Rumble

  • 2.
    FIRST-PARTY THIRD-PARTY  foo.com  doubleclick.net  bar.foo.com  webtrendslive.com  foo.bar.foo.com  foo.112.2o7.net
  • 3.
    JavaScript HTTP header response   First-party   Third-party
  • 4.
    New Firefox default is to block third-party cookies  Safari has done this for a while  Detail:  Blocks setting cookies from third-party domains that have no existing cookies set as first-party  i.e., Facebook will still be able to track you
  • 7.
    Reliably(*) track the shared audience between separate domains foo.com bar.com ooo.com * Except Safari
  • 8.
    Google Analytics uses first-party cookies exclusively  Passes cookie ID between domains only when users click from one to the other  Can’t reliably measure audience overlap
  • 9.
    Web analytics vendors need to find a solution  Data brokers are screwed  Small publishers will lose data-enhanced ad revenue
  • 10.
    Moving to HTML5 localStorage late this week  Interesting side effect:  localStorage is isolated by scheme + hostname + port (HTML5 Origin)  Not really a problem though  See: http://htmlui.com/blog/2011-08-23-5- obscure-facts-about-html5-localstorage.html
  • 11.
    If the domainalready has cookies, it can set them third-party  Facebook will be fine  Google will be fine  Fairfax, News will problably be fine  Web analytics can probably find a workable solution
  • 16.
    Iframe hack: Google got caught using this  Browser fingerprinting  Bounce users through your domains? iJento do this  HTML5 localStorage
  • 17.
    From iPhone or Firefox Nightly:  http://arseh.at/cookie
  • 18.
    Vendors:  David Jordine @Adobe  Mark Allison @WebTrends  Sauli Happonen @Nielsen  Chaoming Li  NarbehYousefian