> one of the most annoying is the prevalence of pointless cookie warnings we have to wade through today.
Hey if you're cool with me using your hardrive to store data I have a bunch of chia coins that need mining. Its weird how getting somebody's permission before using their stuff is considered unnecessary.
It is weird to focus on storage, considering the cache for the HTML/CSS/JS generating the warnings likely takes up much more storage space than the cookies themselves.
I noticed that comment also. It seems like the point of view of an engineer that doesn't really think about security.
Reminded me of when I first discovered that major browsers allow third party cookies by default. And thinking I can't believe they allow this massive privacy leak.
You don't need to show a "cookie warning" to store a cookie. You only need to show a warning if you're tracking a user, regardless of the technology used (cookie, local storage...) But if you want to store someone's language choice, username, or credentials in a cookie, no banner is needed. In fact, this website is the perfect example.
Well they're two different APIs. Most people aren't concerned about a few KB to store things like sessions. Most people don't even know what cookies are.
So the cookie warnings have basically become the Prop-8 warnings of the internet, where they're so prevalent people just ignore them, but the cookie warnings are more annoying since they require active dismissal.
The distinction, and this is an important one, is that cookies have a hard cap of 4Kb of data per domain, making them nigh-useless for that purpose. All they are good for is recognizing a given user server-side across multiple page loads and storage of a few handful of user preferences. Cookies also get sent with every request, so using them as storage is just asking to balloon your bandwidth costs.
On top of that, using localStorage for storing large amounts of data rarely involves anything like a cookie warning because it's 100% client side unless manually sent back to the server. And even then, if you anonymize the data (i.e. you don't care who's storage you are using), you still don't technically need any warning.
All this to say: There is basically no relationship whatsoever between pervasive cookie warnings and the usage concerns you are voicing. Both are valid concerns, both are important stakes, but they have nothing to do with one-another.
You do say hard drive but you also imply that permission to store cookies is as good as permission to mine cryptocurrency simply because the user allowed access to storage.
The argument these other commenters are trying to make hinges on the idea that the type of storage for cookies wouldn't work that well for crypto mining.
You're calling that argument nonsequitor and I don't think it is. It's immediately applicable to explaining the gap in your reasoning. That gap, for the record, being Cookies Storage == Crypto Mining.
Finally, let me give an example. "I own my house and my land so therefore I'm a sovereign citizen." That's a bad argument for largely the same reasons.
Hey if you're cool with me using your hardrive to store data I have a bunch of chia coins that need mining. Its weird how getting somebody's permission before using their stuff is considered unnecessary.