My current policy for "Cookie Consent" dialogues:

1. Fire up uMatrix and globally block cookies for domain.

2. Fire up uBlock Origin to block element on page.

3. Self-Destructing Cookies for edge case motherfuckers.

Remember, boys and girls and all that lieth betwixt and beyond: FIRST pillage THEN burn!

DecentralaEyes is another interesting proposition:

Websites have increasingly begun to rely much more on large third-parties for content delivery. Canceling requests for ads or trackers is usually without issue, however blocking actual content, not unexpectedly, breaks pages. The aim of this add-on is to cut out the middleman by providing lightning speed delivery of local (bundled) files to improve online privacy.

Show thread

Keep in mind that blocking *all* cookies may (though very often does not) limit site features.

You've nothing to lose by trying this. Self-destructing Cookies offers a fallback by deleting all cookies shortly after closing a tab (15 seconds by default, you can up this to a few minutes for more continuity).

You WILL need to SPECIFICALLY WHITELIST sites you have accounts with, including financial, shopping, SAAS, social media, and similar sites.

Set up 2FA for these while you're at it.

Show thread

You can also use Firefox Multi-Account Containers to segregate activities, or sites, into individual boxes. These are isolated from one another and minimise data-sharing across browser activity.

Firefox has activity-based containers by default. I prefer site-specific segmentation. So, Google, Amazon, your bank and bil-pay services INDIVIDUALLY get their OWN containers.

What happens in Vegas stays in Vegas.

And there's more ...

Show thread

You don't have to keep all Google activity iin one container -- you can split out, say, and

You can also have account-specific containers for a site; say, reddit-goldposter and reddit-shitposter, as an example.

Multi-Account containers is hugely powerful. I'm only scratching the surface and welcome suggestions.

Show thread

@dredmorbius I currently prefer Cookie AutoDelete to the reimplemented Self-destructing Cookies:

CAD also supports LocalStorage cleanup (with some limitations when combined with MultiAccount Containers).

@dredmorbius i mean, you don't really have to... only if you want to keep them logged in
i have a google account, that doesn't mean i have to keep it logged in

@dredmorbius (*that applies to self destructing cookies, idk about the others)

@grainloom Google (and other sites & domains) use and retain cookies even (and/or especially) when not logged in.

MAC devalues this.

@dredmorbius I have been not much a happy with it, because it increases the resources usage of firefox a lot. I was using it to distinguish my online identities - and it felt a bit too hard for my laptop to work fast and well :(

Also, I container tabs are non-existent on mobile firefox

@dredmorbius Considering your distaste for cookie nags, #CAPTCHA, & other such junk, it's a surprise you are using a #CloudFlare-jailed mastodon instance. #Tor users can't expand pics you post. It's really a bad idea to #centralize a federated node in a walled garden. I suppose you're a bit trapped there now that you have 1.4k followers.

@dredmorbius A gratis #CloudFlare alternative is #Netlify, which is also problematic b/c it uses #amazon aws. CF is much more evil though due to #netneutrality abuses & pushing ppl off #Tor. A non-gratis alternative is #perimeterX.

regarding followers, indeed that's what I was saying. It's a shame #mastodon has no /change of address/ mechanism. Nodes go up and down all the time & we expect the nature of #decentralization to accommodate. It's a #bug imo.

@dredmorbius You know what the american sites are doing after #GDPR they make you enable JS so that they can show that accept cookies popup, then only give you access to their web page. 👎

@dredmorbius Why don't you just use Firefox's "save until the end of the session" and/or "block third-party cookies" built-in function?

@carachrone Also: general principle.

If I could, I'd have some reasonable psuedorandom source just stream crap into the cookie header until remote falls over.

Sign in to participate in the conversation

Everyone is welcome as long as you follow our code of conduct! Thank you. is maintained by Sujitech, LLC.