undefined | Better HN

0 pointsIX-1031y ago0 comments

It's complicated. Chrome won't block 3rd party cookies by default. But it will present the users with a choice of whether to block them (with what exactly that means TBD). If most or all users choose to block them then it would have roughly the same effect as blocking third party cookies by default would.

Though regardless of that, Related web sites (or whatever that set is currently called) does present a hole in that logic. It was originally meant to allow sites with different domains to share cookies/storage (like google.com and google.co.uk). From what it sounds like, bad actors are using it in the expected ways. There were supposed to be mechanisms to prevent this, but it seems like they failed in this case.

The list is in a public repository however, so Brave could have filled issues and a pull request to address the issue. Instead they decided to stage a meaningless survey and declare Chrome a threat to people everywhere.

0 comments

dwighttk1y ago

>If most or all users choose to block them then it would have roughly the same effect as blocking third party cookies by default would.

Sure but most won’t unless the “go away now” button is “block” which I’m guessing Google wouldn’t do.

jeroenhd1y ago

Google wanted to (that's why they created stuff like FLoC) but other advertisers didn't like that and went to the market authority. They demanded the ability to track users, arguing that the system would give Google an unfair advantage.

After years of back and forth, Google abandoned their efforts. You can still disable third party cookies, in fact I don't think there's been a version of Chrome that doesn't let you block them. Go to your settings and set "third part cookies" to always be blocked. By default, grouped sites may be permitted to read each other's cookies, but you can disable that too.

The problem Google faces is changing the default, simply blocking third party cookie has never been an issue.

riku_iki1y ago

> and went to the market authority

its interesting that authority is in UK, but they pushed Google to abandon effort globally.

jsnell1y ago

Authorities in the US, EU and (IIRC) Japan had expressed anti-trust concerns (threats?) about the original plan. The UK CMA is the only one of those that had a formal complaint, and thus ended up with a veto right on the new design.

j / k navigate · click thread line to collapse