There is no allowlist. The tracking supercookies from FB and Google should be bl... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sudosysgen on Feb 23, 2021 \| parent \| context \| favorite \| on: Total Cookie Protection There is no allowlist. The tracking supercookies from FB and Google should be blocked, only those detected to be for sso using a common heuristic are allowed.

Nextgrid on Feb 23, 2021 [–]

What prevents them from adapting and using the SSO cookie as a tracking vector? Why are we assuming they aren't doing this already?

sudosysgen on Feb 23, 2021 | [–]

Then they get put in a blocklist and only redirect based SSO is allowed.

That being said, if I understood right, as long as you don't use sso it shouldn't allow them.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact