Vince,
Your analogy is quite good. I should have turned off my "who are you" and
cookie when I decided to post the URL here on this list. Originally it was
not
intended to be a publicized site since it had some personal content on it.
I
just did the cookie thing as a convenience for my friends so they wouldn't
have
to log in and remember a password. The personal diary / recollection
section
is no longer a visible link on the site, so I don't really have the need to
know
who's visiting. Originally, if unknown persons were visiting the site, I
was going
to add a login / password, but that need never really occurred because the
only
unknown thing that ever visited my site was the web crawlers, and they
couldn't
crawl past the "who are you" page, so the site content was never indexed in
the
search engines beyond the "who are you" page.
I'm a late 40s guy too. To be more precise, I'm 46, about halfway to 47.
Ashley
----- Original Message -----
From: "vrs" <vrs(a)msn.com>
To: "General Discussion: On-Topic and Off-Topic Posts"
<cctalk(a)classiccmp.org>
Sent: Friday, September 17, 2004 11:06 AM
Subject: Re: Site Privacy issues
I don't
know, it just seems that it's people who either don't understand
how web browsers and non-static sites work, or relative newbies to the
Internet, seem to shout and rave about cookies "OMG, that site sent me a
*cookie*! I'm being hacked! They're going to steal my credit card
number and my pr0n stash!"
I'm going to jump in here (hopefully briefly). I am not a fan of cookies,
and run with them turned off by default. I am also a user of cash, for
many
of the same reasons.
I'd like to draw an analogy between cookies and meatspace transactions.
When I go into a a store to buy something, I like to whip out my cash, pay
for the item, and be on my way. I am not interested in forming a
"relationship" with the shipkeeper. Likewise, I like my web browsing to
be
quick and anonymous, unless there is a good reason for
the interaction to
be
otherwise.
To me, cookies are the web equivalent to those obnoxious shopper cards
that
have been all the rage lately with store owners. Now
when I go to buy
coffee at the store, the clerk asks if I have a store card, even though
(or
especially because?) I am paying in cash. If I
don't have one, (s)he
immediately offers me one.
Why does (s)he do this? Is it because they want to identify repeat
customers, and offer them all kinds of discounts? No. That might be why
customers do it, but it isn't why stores do it. (S)he does this because
the
store wants to de-anonymize the transaction. They
want to track my buying
habits and offer customized advertising (not to me, to the advertisers!),
in
the form of coupons on the back of the sales slip,
junk mail, and (in the
case of Safeway and Amazon, at least) later when I browse the web.
This is the real reason many sites want to place a cookie -- they want to
identify me, profile me, and offer me tailor made propoganda for a variety
of causes. This always sounds like a great idea to them. No thanks.
I am also aware that transparent GIF images and other technologies replace
cookies, and are much more difficult to suppress.
Pretty much any site that does anything
"cleverer" than serve up static
pages is going to need some means by which the server can keep state -
HTTP doesn't really have a mechanism for this, since the connection is
closed once the page has been sent. Now, if you want the server to have
some idea of where a given client has come from *within your own site*,
you can either fake it with hidden form fields (not always possible, but
worth a try), a big long identifier in the GET request (ugly, and prone
to error), or use a cookie. It's not a fantastic way of doing it, but
it's the "least worst" in the absence of properly stateful connections.
The number of sites that need to do anything "cleverer" than serve static
pages is quite small. If I am actually going to do business with a web
site
(and I do, with a few), then I will turn on cookies,
etc.
My especial peeve is with the sites that really are only serving static
pages, but want to place a cookie anyway. There is no good reason why I
should want them to do this.
One of the assumptions that lurks behind this mindset is that, although
our
needs converge on a particular interaction, it is
important to remember
that
others have their own interests at heart, not mine
(rightly so), and that
their interests and mine will frequently be in conflict.
To summarize, I think of cookies like those store cards, and refuse them
for
a lot of the same reasons.
Just to give you some
frame of reference, I am probably around the young-to-median point of
the age range of this list (actually, what *is* the age range? It would
be interesting to know) - old enough to remember the days before
sub-?100 home computers, and *just* old enough to fondly remember
Honeywell CP-6 at university.
Late 40s, myself. Don't know, but from the small sample I have, that puts
me within a few years of a lot of others.
Vince