You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 432 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Privacy and Cookies
PHP-NukeImago writes "Dear Nukers, Recently I received a letter full of noble resentment from a group of distinguished academics, part of a H-NET list, to the effect that Nuke-based sites are dangerous to the general visitors, since they do indiscriminately set cookies and, in fact, are tracking their guests, irrespectively of their wish or lack of whatever desire to become members. Here is what they say:

It is not clear to me as to why a site that is ostensively academic in its focus would have a need to track its users, but in any case, you (the members of the list) should probably be aware of this.
To this I replied:
Indology Net uses an advanced content management system with member's registration, topical subscriptions, private messaging, personal web mail and other extras which are impossible without setting cookies. Without these small pieces of code stored on your computer, not in our system, the CMS server would not be able to recognize you and to offer you the survices one has subscribed to. Cookies are not for tracking users - this is impossible, delete your cookies and you will see that the system will not recognize you, - they are for member's convenience and do not present any harm to one's hardware, software or moralware. I am very much sorry for having to discuss such issue, but since there can be always questions, I'd like to assure you that using cookies is harmless. Cookies are not spies, please, treat them as friendly gobetweens.
The reaction was that I am underestimating the issue, that this CMS is doing a bad service to the community, that setting cookies is justified only "as long as one has explicitly agreed to subscribe, requested to receive such services, or overly declared the intention to become a member of the site in some manner or another... Cookies do store personal user information, and do make computer user habits available to the cookie owners, which is why browsers include settings for blocking their usage." So, good friends, advise me what to reply and, most importantly, what to do. Can we disable setting cookies for guests? Or this is something without which Php-Nuke will not properly work? Anyway, my targeted community is generating suspicions in the good will and net-morality of our Nuke sites. And this suspicions and blames come from a List hosted by the university that invented Internet. Are they justified?"
Posted on Friday, January 16 @ 10:14:19 CET by Zhen-Xjell
 
Related Links
· More about PHP-Nuke
· News by Zhen-Xjell


Most read story about PHP-Nuke:
PHP-Nuke new development direction (part 2)

Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Privacy and Cookies (Score: 1)
by georgiaguy on Friday, January 16 @ 11:05:38 CET
(User Info | Send a Message)
i've muddled around with this without much success. though, in all honesty, it's been a half-assed attempt, not something that's gotten my full attention for long enough to properly address it. i don't see why it wouldn't work...if the cookie isn't there, then just go to the default "guest" mode. only start setting cookies (and make them session cookies) when the guests change languages, etc.
i would like to integrate some sort of terms and conditions statement into the user registration, which states what cookies are and why they are used, to which the user must agree before proceeding.

if anyone is interested in helping me pursue a cookie-less guest user MOD, send me an email to dari AT nukedgallery DOT net and we'll get something organized.



Re: Privacy and Cookies (Score: 1)
by georgiaguy on Friday, January 16 @ 11:14:57 CET
(User Info | Send a Message)
ok, so i checked the cookies that an anonymous user receives from the site...a stock 6.9 install places a language cookie, valid for 1 year. MS_Analysis places a screen resolution cookie, valid for 21 years.

i think it would be an easy MOD to have the language default to english without a cookie. nuke can check for the cookie, and if it's there, use the language setting that is stored in it, otherwise just use english. this way, any english-speaking user (or whatever the default site language is) would be able to anonymously visit the site with no cookies being set (except for situations like MSAnalysis..though I'm not sure why that sets a cookie, instead of just storing the data directly).



Re: Privacy and Cookies (Score: 1)
by kipuka on Friday, January 16 @ 12:01:03 CET
(User Info | Send a Message)
What you could tell them is you are using software which was designed for a wide range of users. If they don't want to become a member, they can set their browser not to accept cookies from your site. I think everything should operate the same except features for which you require login and their default language. I also recommend you educate them that practically every site on the net, even academic ones, maintain server logs which capture visitors' IPs, where they came in from, usage times, and every single page, graphic, and file they access.

phpnuke's cookies store a dozen or so pieces of information. Four of which contain personally identifiable info: username, password, uid and whether they are an admin. The rest are user selected custom settings. If the person is a guest, the script captures his IP, which btw I disagree with, and stores that in a cookie on his computer in addition to the language. IMO the ones for guests could be elimated.

Cookies are needed for automatic login. To keep a person logged in as he surfs from page to page requires either using them or a sesssion id in the url. The latter of which creates non-friendly addresss for both humans and search engines.

In summary, yes guests are being tracked but really no more than other sites are doing, including academic ones unless you are using a script that monitors IPs like the Protector or MS-Analysis.


  • Re: Tracking by Imago on Friday, January 16 @ 12:38:47 CET
    • Re: Tracking by kipuka on Saturday, January 17 @ 05:49:02 CET
      • Re: Tracking by kipuka on Saturday, January 17 @ 07:51:03 CET

Re: Privacy and Cookies (Score: 1)
by georgiaguy on Friday, January 16 @ 15:44:02 CET
(User Info | Send a Message)
here is what i've done:

using the AUP from this site, altered to reflect slightly different policies. basically, it places the burden on the user. they can choose to read the whole thing and accept, or not to read it and accept anyway.



Re: Privacy and Cookies (Score: 1)
by Zhen-Xjell on Saturday, January 17 @ 10:01:29 CET
(User Info | Send a Message) http://castlecops.com
In my Internet tenure, I've found that cookies stir up lots of conversation. Fundamentally, they are doing their job correctly on PHP-Nuke and other forum websites. The portal uses them to identify your username.

What the real issue becomes is when third party cookies are used, for instance, ad companies like Fast click and Double click. Banners on sites drop their own cookies that ultimately "track" the user from site to site. It is this use of cookies that is the issue.

Even toolbars by Alexa and Google drop cookies to track their users.

Folks who do not understand the difference are the ones that create the heated cookie cutter debates.

In a PHP-Nuke portal with no external banners, cookies are doing their job correctly. They are allowing the members to log into the portal and stay logged in. Why would such a portal cause a stir on 'tracking' its members in such an instance?



Re: Privacy and Cookies (Score: 1)
by Guardian on Saturday, January 17 @ 19:57:40 CET
(User Info | Send a Message)
I think the debate over cookies will go on forever.
There are pro's and con's as in any other debate.

However, I think what should be highlighted is not the fact that cookies are set but the fact they are set for user convenience and not from some other ulterior motive such as spyware.

If surfers did not want cookies stored on their PCs, they should either stop surfing the 'net or set an appropriate cookie security level in their browser.



Re: Privacy and Cookies (Score: 1)
by tompet on Saturday, January 17 @ 21:40:19 CET
(User Info | Send a Message) http://www.successwebmasters.com
In Sweden we did get a law some months ago, that stated that all sites that uses cookies has to inform their users how they use the cookies and to what the information is used. And then have to give the user the possibility to enter an other site without cookies or to leave the website.

It did seem like a stupid law in the beginning but I think it is good to inform the users about cookies and how they are used as well as the information. It is actually a part of the privacy statement but the information has its own page.

After we started to give this information on our website, in Swedish, we have had no complaint about cookies or any other security questions from users. I think the whole problem often is that many websites doesn't have clear and correct information about themselves, how they handle privacy, cookies and also IP-adresses. (We also have an IP-adress policy that says that we save IP-adresses in case of missuse of the website. It make our serious users fel safe and others, hopefully, to don't do any "tricks".)

It is your website, you not only decide what content it should be there but also how it should be used, free, cost money, security, use cookies or not, etc. But you have to tell your users so they can choose if they agree to it or not.


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.072 Seconds - 188 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::