Hi Tarek, I just added most of this as https://bugzilla.mozilla.org/show_bug.cgi?id=818340#c134 but figured I'd repeat it here, since bugzilla is not supposed to be for discussions.
Blocking all third-party cookies outright hasn't worked (https://bugzilla.mozilla.org/show_bug.cgi?id=324397, https://bugzilla.mozilla.org/show_bug.cgi?id=417800). Bug 818340 added a preference to accept third-party cookies only from sites that the user had visited. The way that was determined was to count the number of cookies that already have cookies from that domain. However, http://monica-at-mozilla.blogspot.com/2013/10/cookie-counting.html shows that this approach only affects about 9% of third-party cookies, and many of the organizations using third-party cookies have workarounds that allow them to set cookies in a first-party context. It seems clear that we need to do something and equally clear that this patch is not the answer. I think this patch was useful in understanding challenges in doing privacy-related work, but has reached the end of its usefulness. Beyond the scope of that bug, it doesn't seem possible to do experimentation in this area without a coherent strategy. Small technical changes incur a lot of non-engineering overhead resulting in stop energy. We need to be smarter about how we approach the problem, not just throw together a bunch of piecemeal changes. Thanks, Monica ----- Original Message ----- > When I downloaded FF26 -- nightly, i saw that the default option was to > remember history and that when I switch to custom, the default option was > NOT to accept 3rd party cookies. > I'm a bit confused because in the post below, it is mentioned that the > default option would the custom one that blocks the 3rd party cookies: > https://blog.mozilla.org/privacy/2013/02/25/firefox-getting-smarter-about-third-party-cookies/ > > Question is: is FF26 a transitionary version that would eventually result in > the default option being to block all third party cookies? or is that how > the final implementation of this whole initiative gonna be? > thanks! > _______________________________________________ > dev-privacy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-privacy > _______________________________________________ dev-privacy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-privacy
