Follow the Cookie Trail - Computerphile

for months and months I defended that brown paper - now you all change your tune!

Thanks - it was Sean who got his hands on that! Makes me all nostalgic. >Brady

How come when I watch videos with Indian, Russian and Chinese people, there are never any complaint about accents, yet they are almost impossible to understand? Yet this guy is from the little Island where the language was born, and probably where a good percentage of those who are reading this from america and Canada descended from. Top notch mate, understood every word.

You could also block ads using the hosts file. Its a bit tricky but universally works on everything.

They don't stop working, they just work not so great anymore. The most obvious effect of "not working" is that the "remember me" doesn't work anymore. Not a lot of other things happen.

The dot matrix printer paper, instead of butcher's paper, is a nice touch.

I find this description of how cookies work lacking. It's not that important that the server sends you a cookie, the important part is that your browser sends it back every time you visit the site again. And that was not mentioned.

Thax Bradty! I love the new canal! And the new paper....

Topic request: retail websites that change their pricing based on your demographic grouping; age, location, etc.

I love this guy's accent when he says world wide web

Nice overview of the basic server client relationship for cookies. More in depth security videos would be nice as well, including bots and crawlers. A lot of this stuff is going to come into play more and more as we become more connected with our technologies. Third party cookies are actually one of the minor culprits at the moment.

In his case, the cookie is deep fried.

I wish the Google cookies worked better to give me more ads for things I want, and fewers ads for things I don't (which inevitably repeat ten or twenty times).

Loving the new channel Brady. Yous should see if you can do something on the raspberry pi at some stage, so much good content to talk about on it. Thanks for all your awesome videos! they get e through the week!!!

Also, the facebook like button on apage records your ip address. Even if you don't have a facebook account. Also Adobe Flash cookie hide somewhere else on your computer.
There are more hidden trackers as well.
Learn and protect yourself.
:)

interesting you should say "out of interest" because that is exactly what would be required from google: interest. they would have to feel that doing this would be in their best interests (on the one hand it would mean they would get ad revenue since more people would see the ads, on the other hand they would be working with an ad blocker software which many ad companies consider to be evil and could hurt their relationship with certain companies) so it all comes down to convincing google.

lol Billy Connolly explaining cookies to me? Awesome!

i don't think it's only 3rd party cookies that are the problem. i only need very few of the sites i visit to remember me. so it's better to only allow these few and ignore the rest.
unfortunately many sites will annoy you if you don't accept their cookies, so good cookie managers just regularly remove all cookies except those you want to keep.

Would like to know more about that.

That's not totally true. You see they won't make money from me and other people who use those adblockers, but they will from 'normal' people who browse around and that's the majority.

As said, I think that's highly unlikely. But even if, at the very least you should give them the benefit of the doubt. If it really ends up being only tutorials three times in a row or something, you might be right, but just because of one tutorial, that seems rather like jumping the gun.

Those cookie confirmations are pure bureaucratic nonsense. If you decide not to accept cookies, the websites stop working so they're not optional and telling the user is meaningless. You may as well pop up a message saying "This server has just logged your IP address and page request in its logfile. Click here to accept this" every time you view any website anywhere in the EU.

OK, then I will delete my air and water-tight theory on how to successfully reconcile general relativity and quantum field theory while curing cancer and AIDS. I was going to post it only once in a life time and you blew it for all of humanity.

And that's why there's Adblock Plus!

Have you go into much in the way of code? I learned most of my code basics from ROBLOX. While I wouldn't use it now (i have blender), it helped me a lot.
(any other scraps of code i learned came from action script)

Aargh, too many tags! :@
These videos are going to be riddled with error messages, and it hurts mah brain! But it's cool, the videos are awesome (although this one was notably better than the last!), so I am looking forward to future videos. Particularly ones with programming! =D

aww no mention of evercookies

"There you GOO"

This paper is awesome.

I guess it isn't the entire code. There must be some sort of function head or something

Ok, so to make sure I'm understanding this correctly first, cookies allow websites to remember information about you by having YOU store information about your activates right? So if websites are going to "recall" those memories, they will have to query your system to find out if you have this or that cookie, correct? What stops website A from checking for website B's cookies, and getting information you didn't give to them?

why is javascript a scripting language, but php is a programming language? they're both interpretted, rather than compiled, and they're both used in serverside and clientside contexts. although, i agree that html and css don't really cound, but that all depends on your definitions.

Have a cookie.

the would wuld weub is fun to use.

Love how this guy's voice pitch increases towards the end of a sentence :D

I love how in order to opt out from cookies on a site, the site needs to save a cookie

Hmmm. I checked and the Jaffa Cakes official site uses cookies. So much for them being cakes.

Tom has a Scottish accent

What a wonderful accent!!!

Raspberry Pi is on the list - quite high up actually! >Sean

Is that paper for a dot matrix printer?, wow that still exists ;)

We are dipping our toes in the arduino 'waters' in the next video, more in depth on them in the near future...

Actually it is 'music lined' green and white striped tractor feed computer paper... >Sean

Thanks!

EU changed the laws what information an internet site could gather from the user and the end result were that I couldn't access USA newspapersites for months until they had changed their sites to comply for EU users. Some of them never did as EU users were such minority.

Oh my gosh that accent. This is going to be a good channel

we will be looking at programming soon >Sean

fixed now - sorry for the delay >Sean

I love his voicecracks :D

fixed now, apologies for the delay! >Sean

"hello"
Of course, with a amazing accent.

It makes me feel great when after watching all the other channels, I TRY to understand. But this channel, I know everything already

Great explanation, subscribed and will watch the rest, thanks.

Very nice videos, computerphile ! :D

I've always loved the brown paper. Don't stop using it!

Instead of cookies being sent by the host website, would it not be more efficient for the target machine to do the data memory management? So instead of the website sending me a cookie so my machine remembers my shopping cart, why not something built into the operating system my end creating it's own cookies for internet sessions?
Less data being sent and the cookie management would be done by my machine instead of the host website which can send other unwanted cookies.

Your browser cache is like a collection of photocopies of old web pages you've visited so your computer can load content from them without having to request it again from the website the next time you visit a page. Websites don't look at your cache since there's nothing there that they want; it's just a bunch of html's. Cookies are text files that are made by the web page and stored locally on your computer.
tl;dr: Your computer wants to remember the cache; websites want to remember cookies.

Bill Gates, Larry Page & Sergey Brin (Google), Mark Zuckerberg, Steve Jobs and MANY others disagree.
Programming is a skill that transcends the languages. The languages change, but design patterns stay valid.
Every business changes and everyone must make sure they stay relevant. A good programmer is very valuable for a company. Your father might not respect them, but if anything the last 30 years have shown programming is a worthwhile profession. I need more than 500 characters to explain this

I kinda like the idea, but video is a bad form factor for this. When it comes to code written tutorials are a lot more helpful. Either way you need to spend many hours to master programming languages. If you really want tutorials maybe you should go to nettuts+ . They have some good stuff for starters.
I'm not saying he shouldn't explain how they work, but tutorials aren't in the scope for this channel and rightfully so in my opinion.

Being a scripting language doesn't make it less of a programming language. A programming language is defined a language which communicates instructions to a machine. The fact that they usually aren't compiled to binary doesn't change that. PHP, and Javascript for that matter are programming languages since you can use them to instruct a computer to do stuff. Yes you need an interpreter for both, but you also need JRE for Java so just the dependencies don't exclude them.

You are absolutely correct. More "something must done" heavy-handed interference from a self-serving political class. Wasting the productive sector's time and resources, and simultaneously annoying end-users for no benefit is "something", clearly therefore it must be done.
Legislating on non-problems simply for the sake of legislation, to justify themselves and to further insert themselves into citizen's daily business.

Ok, I got you confused with someone else. Never mind in that case. There are some people asking for tutorials though, so it's aimed at them in that case!
My bad.

I don't think he's a troll, he's just mistaken.
either way, it's hard to conclude from that one line what you meant. I guess I picked the wrong option ;)

I'd love to see some documentation of that - I can't seem to find it.

Yes and no. Data Caches are actually locally stored versions of the HTML pages that you visit, usually just the plaintext, and they have a hash for them. How pages load faster with caches is that it compares the hash from the stored version to the one on the server. Cookies will generally have this hash, while the cache is located separately. If the hashes on your machine match the ones on the server, no downloading is needed. If not, it downloads the latest version of the page.

You can cover a lot just by a while on Wikipedia, seriously. Things to look up, pretty much in order: Modular arithmetic, shift cipher (Caesar cipher), affine cipher, Vignere Cipher, Hill cipher, block ciphers (+modes of operation), DES, AES, cryptanalysis, private/public-key cryptography, RSA, Diffie-Hellman, elliptic curve cryptography if you want more math,and I guess hash functions (SHA, MD5). This is basically your average cryptography course in a nutshell.

I don't mind personalized adverts. Ads serve an important purpose to us, letting us know which products and services exist. If it is possible for the ads that I see to be about topics I am interested in, the ads start to actually benefit me, allowing me to take them more seriously and actually watch/read them.
The old model of showing ads indiscriminately to huge masses is inefficient for both advertisers as well as viewers, since our time is wasted on things we are not interested in.

Forcing websites to add the "this site uses cookies" is just pointless. If a user is that concerned about it, then why don't they just disable cookies in their browser? But forcing every website to do it all separately is just a waste of people's time. It's a basic construct of the web and most websites use them for login forms or pretty much anything. I know posting a UA-cam comment isn't going to change anything but ranting about the EU is always fun.

I urge you to rethink your logic there. It's called Kantian Ethics
csus DOT edu/indiv/g/gaskilld/ethics/Kantian%20Ethics.htm
If everyone in the world used AdBlock, then websites wouldn't make money and we would have to pay for them, which would be bad. You're justifying AdBlock simply by saying that not everyone will use it, but Kantian ethics says that using it is still wrong. You can use AdBlock if you so choose, but leave those of us who want to support our you-tubers alone.

He may have over-reacted a little, but he's not wrong. It's called Kantian Ethics csus DOT edu/indiv/g/gaskilld/ethics/Kantian%20Ethics.htm
If everyone in the world used AdBlock, then websites wouldn't make money and we would have to pay for them, which would be bad. You're justifying AdBlock simply by saying that not everyone will use it, but Kantian ethics says that using it is still wrong. You can use AdBlock if you so choose, but leave those of us who want to support our you-tubers alone.

(cont)they may not support aggressive dehumanizing corporations (those corporations which care more about money than providing a good service for their customers or good work environment for their employees) but for say computerphile or numberphile these could well work, and for people like jonathan coulton, cory doctorow, and those participating in the humble bundles these DO work.
so just saying "well that's the way things are and we just have to suffer it" is shortsighted.

except we DO pay for everything on the internet. watching advertisement IS a payment, we don't pay MONEY we pay with our TIME and attention and annoyance.
and you are also making the assumption that there are NO other alternatives. that we either pay money for everything or we suffer the advertisements and we have seen a number of business models that work without either of those things (pay what you like is a good example or creative commons)

Ads give channels a monetary incentive to make videos in response to the user's preferences. This is harmful in matters of culture and education.
If you like a channel, send them fanmail, but you don't bribe them into making videos according to your preferences. Similarly, you don't donate to a university and say "be more critical of X".
Clearly, this is a matter of values, or can at least be made into such.

If you disable scripts completely with an add-on like "NoScript", many sites won't work properly or even at all. Then it gets tedious to sort out which scripts are needed for a site to work and which ones can be left out because they are just for tracking purposes. I have recently discovered the add-on "Ghostery" which seems to do the same as DoNotTrackMe that you mentioned. Do you know them both? Can you say what they do differently or which one is better?

For the most part-yes. But not completely. For example Orange in UK - your phone number is present at all times when you are browsing from your phone for example using 3g, whether you like it or not. Many ISP's including mine have static IP's. Then again - I have 6 severs around the world and I can use either one as a tunnel. But when it comes to tracking, you'd be surprised how creative companies are getting. Eeerm I'm not going into details...

many things in computing get their names in very non-technical ways.
bugs came from a literal bug in a machine(i think it might have been a moth). i think(if memory doesnt fail me) that it was the woman who invented cobol that named bugs.
the 5 1/4 floppy drive was chosen arbitrarily. "i want the device as big as this napkin" they measured the napkin and it was 5 1/4 inch.
it wouldnt surprise me if someone named cookies while drunk.

A lot has not been mentioned around here. Cookies are just part of the deal - the long term effect, but there is also the short term effect - sessions. Since sessions are sever side you have no clue what they store about you. So let's say you are browsing any site out there - if there is a fecebook like button or anything in those lines and you are logged into facebook - facebook knows you've been there, even if you have disabled cookies completely. This is a subject fa too big for 10 minutes.

Sorta true. But actually a virus can be generalized as program that replicates and spreads itself. See virus is actually a sub-set of a category called Malware, which is more like what you described. Malware can be anything from Trojan-Horses(Downloading a file and running it but it isn't what you though it was) to Spyware(Which is a program that can do anything from keeping track of your keystrokes or even viewing your screen)

I'm fairly sure any sort of session tracking shopping basket is going to break if you disable its cookies.
Although it's all pointless, having a website track your ad clicks and schedule specific ones on all your website visits in the future is hardly a privacy breaking issue. It's no worse than a Tesco clubcard. I'd be more bothered about all the private info we push into Facebook.

Many sites don't work properly without scripting or Flash enabled. I find the majority of sites need at least one to be usable.
I block scripts and Flash by default but usually have to iterate through NoScript's list of scripts enabling ones for likely-looking domains until the site works sufficiently.
If Flash is allowed even once, LSOs may be present and should be dealt with. This is the rationale behind Better Privacy and its ilk. "Never allow anything" is nice in principle-but impractical.

Objection!
Many sites have 3rd party cookies, and don't offer an option to pay to not have them and ads. There are a few sites i allow ads on, and i always allow _first party_ ads.
My issue is mainly with privacy, but also with the experience of browsing the internet. If i'm subjected to flashing or annoying ads, that diminishes my experience, and when i'm able to correct that i will. If i could have it corrected AND support creators of good content, i would.
I'm not stealing, i'm "free riding".

I meant code tags =P Although while writing this comment, I noticed you can't actually type HTML tags in a UA-cam comment. Which really sucks, because I had a great idea just now...
So basically, when you type something within brackets of type "lesser than" and "greater than" symbols, you create a tag. {computerphile}, {following the cookie trail} and so on, are tags that are created/opened during this video. He never closes any of them... I mean, at least close the computerphile one!

more or less...
Cache data, if I understand it, is data that your computer or browser holds on to, so that information is loaded faster, the next time you access this content..
Cookies are stored differently. Instead, they're like variables, that your browser feeds into a site, to remind it, "hey, I was here, and you gave me this bit of data, this is what it is."
The most common thing cookies are used for, that one might notice, is logging onto a website, and STAYING logged in.

Althoug this is technically true, the real world looks alot different. Most people out there don't have a clue of how a browser works or even what a cookie is.
Only a small percentage of users actually change the default settings of the applications they are using. Cookies are activated by default - so no problems there.
A while ago Apple changed Safari's default settings to not accept 3rd party cookies by default anymore. Shit was real.

It's wrong to assume that there are no harmful cookies because they can't contain viruses. A cookie itself can't be harmful, but a vulnerable website can make them very dangerous indeed.
Cookies frequently contain a session Id; to make sure you don't have to enter a password every time you make a request to the server.
But that cookie can also be requested by an unauthorized server. A hacker can then use that cookie to hijack your session and access your account.

yes i did watch the video but still, would you trust your house's keys to a thief that says he'll take care of it while you're on vacations? Same here, you have no control over what they do with it, the only thing you know (or should) is that businesses only care about money to the extend that laws allow (and even further if they can get away with it) so your data is just a mean of making money. Yes, they can enhance your experience, but do you think they care about that? see facebook...

This EU law really damages more than doing any good. Now, that all sites that uses cookies (which is most of them) must show a warning,.. which means that people are going to see this as a pattern and just click accept for all warnings without really knowing what they accepted... this means that you might be accepting something that gives access to your computer... this is one of the most harmful laws ever passed by EU.

If you don't want 3rd party cookies, there are browser addons that can block them.
In Firefox i use a combination of Flashblock, NoScript, Ghostery, and AdBlock (using a small custom block list to catch stuff that gets through NoScript and Ghostery).
NoScript blocks all scripts by default, and lets you enable them one by one based on the site of origin. Together with flashblock it takes care of ~70-80% of animated ads.
Ghostery is like AdBlock, but also blocks tracking-cookies and injected ads.

hey brady, nice video! please don't focus on this black/green matrix/80th-style too much. computer science has come a long way since then. if you talk to the younger generation, they can present you some very pretty visual programming "languages" like apples quartz composer or lego mindstorms' NXT-G. nobody will be hacking in green monospaced terminals with black backgrounds in the future. ;-)

I think that, although it might seem a bit suspicious with all these ad networks knowing our information, it is a necessary evil in the web we live on today. Many of your favourite sites like UA-cam, Google, Facebook etc. use advertising as their main source of income. That is why we are able to use these websites for free, but they can only use the advertising revenue if the ad companies can make money, and this is one of the ways they are able to ensure they make a profit.

Also, clear cookies when the browser closes.
Unfortunately there is a fly in the ointment: Flash cookies, or LSOs. These have become the principal means of tracking. Few people are aware of them, and they are independent of the browser. To get rid of them I use a plugin for Firefox called Better Privacy.
As for the fanfold paper, as it was called, I also think it's great. They should keep using it and sell it along with the brown papers. I don't think anyone will sue them for the wrong colour.

That's what could be made a video about: "different types of languages" markup, style-sheet, scripting, programming; following different paradigms like functional vs. imperative; being compiled vs. interpreted...
Given Brady's format, I'd at least imagine it would be hard to properly cover single languages, especially in a tutorial-style way. That's not what his videos typically are. They rather tell the stories behind these things.
I'll be glad to see either though

I'm quite certain that these won't be tutorials. Brady's videos aren more on the informational side of infocation or edumation or what ever. This is not to say that any of it would be uninteresting. But don't be surprised if you don't actually learn a lot of how to code stuff in these.
(For these you'd need a term combining information, education and entertainment. infocainment edormainment.... combining words is weird)

Tell me if I'm wrong, but actually, I would say that JavaScript is also a programming language, and a scripting language is a programming language. For instance, PHP is a scripting language because it is interpreted and not compiled.
So in programming language, you have to kind, the compiled languages as C, C++, Java, C#... And the interpreted languages as PHP, JavaScript, Shell, Python..

My father is boss in an electronics company, hes employs and fires people. He says a life of a programmer is a terrible life. There are a lot of programmers to be so he could just fire you and hire another person anytime.
Example: You are working day and night on a project and, because of a communication problem, youve programmed the wrong thing.
You would have to learn the language your whole life, the language changes all the time. Its fun as a hobby, but dont let it take over your life.

You're correct: both PHP and JavaScript are scripting languages AND programming languages. Saying that JS is not a programming language is absolute nonsense, probably spewed by people who are barely scratching the surface of Web programming and already think they know it all.

actually you can store information in cookies, however some developers prefer to just store an identification number in the cookie that reside on the client side and store the related information in a file or a database on the sever side. in this case it is called session-based cookie.

Turing-complete is the technical term. Even "Magic the Gathering" is Turing-complete, so if a language is not Turing-complete I think it doesn't deserve being called a programming language.
You can indeed simulate a Turing machine with any Turing-complete language. The limitation of memory size lies in the hardware, not in the language.

He's not a parasite if he refuses to get made money on by corporations who already have too much money. (because face it, Google makes most of the money off ads).
What I do is use ad-blocker, but disable it on pages that I want to support. That way I don't give a damn about random pages I visit, but am in some small way contributing to people I actually care about.

I don't think this is as simple as you make it out to be.
Perhaps in some time the internet will not be free, but people like you are the ones who are really going to pay for it. Your hands aren't clean here either.
There's no pile of evidence that indicates the right course of action here. People should think it through and be respectful of each other's opinions that's all.