Is used to be such that only the mail.google.com:GX cookie was required to access webgmail (even if it added a number of other cookies post that access, they could be reasonably narrowed down and blocked to just mail.google.com, if I recall). Now within the past many months that has changed to include, at minimum, myriad cookies in google.com. (I've not tested which are the minimum set). These will potentially cross with ads and other tracking things. While great for google integration, it's bad for user privacy regarding domain/usage segregation. Do not trust the google in your browser anymore. As if, ever, obviously.
On Thu, May 15, 2014 at 08:57:47PM -0400, grarpamp wrote:
Is used to be such that only the mail.google.com:GX cookie was required to access webgmail (even if it added a number of other cookies post that access, they could be reasonably narrowed down and blocked to just mail.google.com, if I recall). Now within the past many months that has changed to include, at minimum, myriad cookies in google.com. (I've not tested which are the minimum set). These will potentially cross with ads and other tracking things. While great for google integration, it's bad for user privacy regarding domain/usage segregation. Do not trust the google in your browser anymore. As if, ever, obviously.
Certainly. google probably will change the minimum cookie set. Just for mail isn't it better to not use browser but an email client via SMTP/IMAP: http://email.about.com/od/accessinggmail/f/Gmail_SMTP_Settings.htm
On Fri, May 16, 2014, at 03:44 AM, Georgi Guninski wrote:
Is used to be such that only the mail.google.com:GX cookie was required to access webgmail [...] Now within the past many months that has changed to include, at minimum, myriad cookies in google.com. (I've not tested which are the minimum set). [...] Certainly. google probably will change
On Thu, May 15, 2014 at 08:57:47PM -0400, grarpamp wrote: the minimum cookie set.
Just for mail isn't it better to not use browser but an email client via SMTP/IMAP:
http://email.about.com/od/accessinggmail/f/Gmail_SMTP_Settings.htm
I haven't used Gmail for any serious email except when there's been no reasonable alternative. (Case in point: I was on the committee for a local charity event and the organizer had taken apparently large gulps of the Google Kool-Aid to the point where the event documents were all on Google Docs/Drive.) It is worth the extra $20 or so per year to not have Google be able to cross-reference my search history with my email, and better still to be free of Google's stupid irrelevant or sometimes overly relevant ads in my email. It's bad enough when I browse a site and immediately see both Google ads when I browse elsewhere, and then Facebook ads for it when I check in there. -- Shawn K. Quinn skquinn@rushpost.com
Message du 16/05/14 03:32 De : "grarpamp" A : tor-talk@lists.torproject.org Copie à : cypherpunks@cpunks.org Objet : Observation re gmail/google cookies
Is used to be such that only the mail.google.com:GX cookie was required to access webgmail (even if it added a number of other cookies post that access, they could be reasonably narrowed down and blocked to just mail.google.com, if I recall). Now within the past many months that has changed to include, at minimum, myriad cookies in google.com. (I've not tested which are the minimum set). These will potentially cross with ads and other tracking things. While great for google integration, it's bad for user privacy regarding domain/usage segregation. Do not trust the google in your browser anymore. As if, ever, obviously.
Forget gmail, it is not your friend, use it to keep up your real self where you discuss your latest favorite dvd from lady gaga. Take your real interests to another service, there's plenty of free alternatives in countries that are not US-friendly.
participants (4)
-
Georgi Guninski -
grarpamp -
Shawn K. Quinn -
tpb-crypto@laposte.net